NO  MORE  WHIPPING  BOY 

IT  should  take  credit  for  its  role  in  business 
sueecss,  says  Paul  M.  Ingevaldson. 
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GAME  CHANGER 


Kiva  is  using  IT  to  connect  small-stakes  lendeis  ' 
A  vithm^o^^^^m^wmews  qipund 


Check  out 
the  future  of 
microfinance 


IT  Struggles  to  Show  Bl  Value 


Use  of  tools  grows, 
but  execs  still  seek 
hard  ROI  numbers 


BY  HEATHER  HAVENSTEIN 

LAS  VE0AS 

Though  business  intelligence 
has  become  a  lifeblood  appli¬ 
cation  in  many  companies,  IT 


executives  say  they  must  con¬ 
tinue  to  prove  its  worth  to  top 
management. 

For  example,  Lowe’s  Com¬ 
panies  Inc.  CIO  Steve  Stone 
noted  that  the  retailer  has 
been  using  BI  tools  for  years 
to  identify  fraudulent  returns, 
BI  Value,  page  41 
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Users  Not  Rushing  on 
Vista,  Office  2007 

OS  validation,  new  Office  user  interface  slow  upgrade  plans 


BY  CAROL  SLIWA 

Although  Microsoft  Corp.  is 
staging  the  general  launch 
of  Windows  Vista  and  Office 
2007  today,  corporate  users 
have  had  access  to  the  new 
software  since  late  November. 

But  that  early  access  isn’t 
translating  into  early  deploy¬ 
ments  for  most  business  cus¬ 
tomers,  judging  by  an  e-mail 
poll  of  40  IT  managers  con- 


MAII  the  work  is 
on  our  side;  all 
the  benefit  accrues  to 
Microsoft.  . 

GEORGE  DEFENBAUGH,HESS 

CORP.,  ON  VISTA’S  SOFTWARE  PRO¬ 
TECTION  PLATFORM  TECHNOLOGY  - 


ducted  by  Computerworld  last 
week.  Even  though  Microsoft 
took  pains  to  try  to  remove 
some  of  the  barriers  that  often 


hinder  upgrades,  only  three 
respondents  said  they  expect 
Vista  to  be  deployed  on  more 
than  half  of  their  companies’ 
systems  by  year’s  end. 

Only  six  said  they  anticipate 
installing  Office  2007  that 
broadly  by  then,  and  the  vast 
majority  predicted  that  they 
will  be  running  both  of  the 
new  products  on  only  a  few 

Vista,  page  16 
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It's  hard  to  work  like  a  team  when  only  the  big  players  have  remote  access.  With 
Microsoft®  Exchange  Server  2007,  everyone  can  connect  and  collaborate  anywhere 
they  go  through  a  unified  e-mail,  v-maii,  and  calendar  system  offering  advanced 
security.  See  how  BT®  is  able  to  help  its  global  team  work  more  efficiently  at 

microsoft.com/exchange 
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Leaders  Wanted/CIO  Challenge  Series 


Challenge  #3: 

Make  great  decisions  contagious. 


Solution: 

Hyperion — your  management  system  for  the  global  enterprise. 

Can  technology  continually  guide  people  toward  great  decisions?  Visionary  CIOs 
are  proving  it  can  with  Hyperion®  System"*  9  BI+™  Unlike  conventional  business 
intelligence,  Hyperion  integrates  the  world’s  leading  financial  applications  with  a 
powerful  analytic  engine,  driven  by  rules  defined  by  end  users.  And  only  Hyperion 
Bl  +  also  allows  users  to  build  powerful,  interactive  dashboards  in  minutes.  So  they 
can  analyze  and  visualize  data  in  new  ways.  And  discover  deeper  insights  that  drive 
great  decisions. 


FREE  ARTICLE  FROM  HARVARD  BUSINESS  REVIEW 
How  do  other  IT  leaders  create  a  culture  of  great  decision 
making?  Read  “Who  has  the  D?  How  Clear  Decision  Roles 
Enhance  Organizational  Performance”  from  the  Harvard 
Business  Review.  Co  to  www.hyperion.com/go/decisions 

#  Hyperion- 

The  future  in  sight 


©  2007  Hyperion  Solutions  Corporation.  All  rights  reserved.  "Hyperion,”  the  Hyperion  logo,  and  Hyperion's  product  names  are  trademarks  of  Hyperion.  References  to  other  companies  and  their  products  use  trademarks  owned  by  the  respective 
companies  and  are  for  reference  purpose  only. 


The  Age  of  Assets 

In  the  Technology  section:  Enterprise  asset  management  isn’t  just 
for  heavy  industry  anymore.  Today,  CIOs  in  various  sectors  can 
combine  software,  wireless  networks  and  sensors  to  keep  tabs  on 
all  kinds  of  assets,  from  rail  cargo  to  hospital  wheelchairs.  Page  24 
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6  Sun  changes  course  two  years 
after  deciding  to  rely  solely 
on  Advanced  Micro  Devices  for 
x86  chips,  now  saying  it  will  also 
build  a  full  line  of  systems  around 
Intel’s  Xeon  processors.  Plus:  A 
Q&A  with  Sun  exec  John  Fowler. 

8  Two  e-voting  machine  test  labs 
meet  the  first  part  of  the  latest 
federal  certification  requirements. 

9  Detecting  network  intrusions 

can  sometimes  be  trickier  than 
preventing  them  in  the  first  place, 
IT  managers  say  in  the  wake  of  a 
system  breach  at  retailer  TJX  that 
went  unnoticed  for  seven  months. 


9 The  Pentagon  and  the  Depart¬ 
ment  of  Veterans  Affairs  agree 
to  develop  common  electronic 
health  records,  but  they  still  need 
to  figure  out  the  details  of  melding 
their  existing  EHR  technologies. 

WThe  Chicago  Elections  Board  is 
hit  with  federal  and  state  law¬ 
suits  over  a  recent  disclosure  that 
it  distributed  CD-ROMs  with  the 
Social  Security  numbers  of  voters 
to  local  officials  in  2003  and  2004. 

W  Collaboration  tools  coming 
from  IBM  could  make  it  easier 
for  end  users  to  share  data.  But 
rollouts  may  not  happen  right 
away,  according  to  IT  managers. 

41*  Q&A:  Borland  execs  Tod 
ID  Nielsen  and  Marc  Brown 
explain  the  company’s  application 
life-cycle  management  strategy. 

M  Global  Dispatches:  A  Taiwan¬ 
ese  official  says  the  govern¬ 
ment  is  easing  restrictions  on 
companies  that  are  looking  to  do 
business  in  China. 


TECHNOLOGY 


QuicfcStudy:  Color  Temperature. 

Color  temperature,  which 
measures  the  color  quality  of 
white  light,  is  important  in  the 
design  and  use  of  computer  moni¬ 
tors  and  digital  cameras.  Find 
out  why  photos  of  fluorescent-lit 
rooms  look  green. 

M  Security  manager’s  Journal: 

Getting  Certihed  and  Just  a  Bit 
Certihable.  The  total  immersion  of 
CCSP  boot  camp  is  grueling,  C.J. 
Kelly  finds.  But  she  has  to  admit 
that  off-site  training  is  the  surest 
way  to  block  out  the  distractions 
that  can  be  the  downfall  of  self- 
study  methods. 

MANAGEMENT 

Game  Changer.  Kiva,  a  San 
Francisco  start-up,  is  using 
technology  to  connect  small- 
stakes  lenders  around  the  world 
with  impoverished  entrepreneurs 
in  developing  countries  —  a  feat 
that’s  helping  to  change  the  face 
of  microfinancing. 


OPINIONS 

On  the  Mark:  Mark  Hall  hears 
from  a  security  vendor  that 
Vista  is  inherently  more  secure 
than  Mac  OS  X  —  at  least  on  paper. 


amid  all  the  bad  news:  Kiva,  a  start¬ 


up  that’s  using  IT  to  enable  people 
to  make  small  loans  to  entrepre¬ 
neurs  in  developing  countries. 

Paul  Lamb  wants  technology 
to  move  the  U.S.  beyond  a  “to 
the  victor  go  the  spoils”  mentality. 

Jay  Cline  says  the  time  is  ripe 
for  a  global  privacy  standard 
to  replace  the  hodgepodge  of 
privacy  principles  multinational 
businesses  must  cope  with. 


M  Buyer  Beware.  Are  your  IT 
vendors  tied  up  in  legal  prob¬ 
lems?  If  so,  there’s  a  real  danger 
that  your  company  could  become 
entangled  too.  Here’s  what  to 
watch  out  for  and  how  to  protect 
your  company. 


35 


Managers’  Forum.  An  em¬ 
ployee  nearing  retirement 
isn’t  pulling 


41 
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his  weight.  Not 
only  that,  he’s 
causing  trouble. 
What’s  a  man¬ 
ager  to  do?  Paul 
Glen  has  some- 
suggestions. 


QC  Paul  Ingevaldson  thinks  IT 
uO  should  stand  up  and  take  cred¬ 
it  for  its  role  in  corporate  success. 


JA  Frankly  Speaking:  Frank  Hayes 

listens  in  as  the  Old  Man  of 
IT  finesses  a  situation  with  an 
average  user  who  wants  to  work 
from  his  Vista-running  home  PC. 
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VISTA  UUNCH 

Learn  all  you  need  to  know  about 
Microsoft’s  latest  Windows  operating 
system  by  checking  out  these  stories: 


Hands  On:  A  Hard  Look 
At  Windows  Vista 

Don’t  miss  our  in-depth  review  and 
visual  tour. 

Under  the  Hood:  Whafs 
Different  About  Vista’s  GUI? 

In  this  excerpt  from  Windows  Vista  Unveiled, 
Paul  McFedries  explains  the  Windows  Pre¬ 
sentation  Foundation  (formerly  Avalon), 
how  it  improves  graphics  performance  and 
why  software  developers  will  love  it. 

Buying  a  Computer  for 
Visia . . .  and  Beyond 

With  some  careful  planning,  you  can 
buy  PCs  that  will  both  support  Vista 
and  last  well  beyond  today’s  standard 
three-year  life  span. 

Top  Windows  Time-saving  Tips 

These  shortcuts  will  save  hand  motions  as 
well  as  time  when  you’re  using  Microsoft’s 
OS.  And  most  of  them  work  for  other  ver¬ 
sions  of  Windows  as  well  as  Vista. 

Find  all  this,  plus  our  latest  Vista  coverage, 

at  O  www.computerworld.com/07/vista 

ONLIHE  DEPARTMENTS 

Breaking  News _ computerworld.com/new 

Newsletter  Subscriptions  computerworld.com/newslsttt:  . 

Knowledge  Centers _ coniputerworld.com/to;  tc  r. 

The  Online  Store  computerworirJ.ciom/siore 
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Users  Warned  of 
Word  Vulnerability 

Symantec  Corp.  has  issued 
a  warning  that  hackers  are 
exploiting  a  new,  unpatched 
vulnerability  in  Microsoft  Corp.’s 
Word  software  that  could  allow 
them  to  take  control  of  a  victim’s 
computer.  The  attack  comes  via 
an  infected  e-mailed  Word  docu¬ 
ment.  Security  vendor  Secunia 
ApS  rated  it  as  “extremely  criti¬ 
cal,’’  its  highest-level  warning. 
Microsoft,  however,  said  the 
attacks  are  “very  limited.’’ 


Four  Lose  Jobs  Due 
To  CA  Outsourcing 

CA  Inc.  said  that  at  least  three 
or  four  CA  workers  will  lose 
their  jobs  due  to  the  company’s 
decision  to  outsource  human 
resources  services  to  Brussels- 
based  Arinso  International  NV. 

At  the  same  time,  CA  confirmed 
that  three  top  executives  have 
left  the  company.  Sam  Green- 
blatt,  senior  vice  president  of 
innovation;  Gary  Starkey,  senior 
vice  president  of  CA’s  executive 
technology  advisors  division;  and 
Toby  Weiss,  senior  vice  president 
of  the  security  management  unit, 
departed  CA  this  month. 


Microsoft  Blames 
Vista  for  Profit  Dip 

Microsoft,  citing  significant 
spending  to  prepare  for  the 
launch  of  the  new  Vista  operat¬ 
ing  system,  said  that  its  second- 
quarter  profits  fell  28%  while 
revenue  increased  6%. 


Oracle  Ships  Apps 
Before  Unveiling 

Oracle  Corp.  quietly  released  its 
new  E-Business  Suite  Release  12 
to  customers  a  few  days  in  ad¬ 
vance  of  a  launch  event  planned 
this  week  in  New  York.  In  a  blog 
posted  late  last  week,  Steve 
Chan,  director  of  applications 
technology  integration,  said  the 
new  version  was  immediately 
available  for  download. 


Sun  Teams  With  Intel,  Aims 
For  Broader  x86  User  Base 


Drops  Opteron-only  stance,  plans  to 
roll  out  Xeon-based  systems  by  June 


Two-Year 
Hardware  Cycles 


BY  PATRICK  THIBODEAU 

HE  IT  direction  that 
Canadian  insurer 
Medavie  Blue  Cross 
has  set  for  itself  il¬ 
lustrates  one  of  the  reasons 
why  Sun  Microsystems  Inc. 
announced  last  week  that  it 
has  agreed  to  once  again  sell 
servers  based  on  Intel  chips. 

When  Medavie  started 
running  Web  applications  in 
2000,  Sun’s  UltraSparc-based 
systems  dominated  that  mar¬ 
ket,  and  software  vendors 
were  desigining  applications 
specifically  for  Sun’s  Solaris 
operating  system,  said  Don 
McPhee,  director  of  technical 
services  at  the  Moncton,  New 
Brunswick-based  insurer. 

But  he  added  that  as  lower- 
cost  x86  servers  have  become 
increasingly  capable,  Medavie 
has  been  moving  to  “more 
commodity-based”  systems 
running  Linux  and  using  proc¬ 
essors  from  either  Intel  Corp. 


or  Advanced  Micro  Devices 
Inc.  “Things  have  changed,” 
McPhee  said.  “We  just  went 
with  the  momentum.” 

Now  Sun  is  changing.  Two 
years  after  the  company 
dropped  seyeral  low-end  serv¬ 
ers  based  on  Intel  chips  and 
decided  to  rely  solely  on  AMD 
for  x86  devices.  Sun  said  it  will 
develop  a  full  of  line  of  servers 
and  workstations  with  Intel’s 
Xeon  processors.  Sun  plans 
to  start  shipping  Intel-based 
systems  by  June,  and  the  two 
vendors  will  work  together  to 
optimize  Solaris  for  hardware 
built  around  Intel’s  x86  chips. 

Sun  CEO  Jonathan  Schwartz 
said  during  a  teleconference 
that  about  70%  of  Solaris  x86 
users  are  running  the  operating 
system  on  Intel-based  hardware. 
But  Sun  expects  the  new  com¬ 
bination  of  Xeon  and  its  Open- 
Solaris  open-source  software 
to  attract  more  interest  from 
independent  software  vendors. 


Sun  says  it  will  start 
selling  Solaris  and 
Linux  servers  based  on  AMD's 
Opteron  processor. 

The  company  drops 
a  line  of  Intel-based 
servers  and  standardizes  on 
Opteron  for  x86  hardware. 

Sun  signs  a  new 
agreement  to  use 
Intel’s  Xeon  chips  in  servers 
and  workstations. 


In  addition.  Sun  officials 
acknowledged  that  UltraSparc- 
based  systems  have  become 
too  expensive  for  many  users 
looking  to  run  Web  applica¬ 
tions.  “The  customers  who  left 
us  post-bubble  didn’t  want  to 
leave  us,”  said  Scott  McNealy, 
Sun’s  chairman.  But,  he  added, 
customers  no  longer  could  af¬ 
ford  the  cost  of  the  company’s 
systems  when  “the  Xeon 
thread  was  so  much  cheaper.” 

Until  recently,  though,  Intel 
was  having  trouble  develop¬ 


ing  Xeon  chips  that  matched 
the  performance  of  AMD’s 
Opteron  processor.  Since  July, 
Intel  has  added  two  higher- 
performance  and  more  power- 
efficient  chips:  the  dual-core 
5100,  code-named  Woodcrest, 
and  the  quad-core  5300,  code- 
named  Clovertown. 

Stephen  Josselyn,  an  analyst 
at  research  firm  IDC,  said  Sun 
has  been  fighting  the  same 
battle  against  x86  hardware  in 
the  low-end  server  market  that 
other  Unix  vendors  with  RISC- 
based  processors  have  been. 

A  return  to  Intel  chips 
should  help  Sun  sell  Solaris 
servers  to  a  broader  market 
and  enable  it  to  offer  more  op¬ 
tions  to  data  center  managers 
who  are  turning  to  x86  tech¬ 
nology,  said  Nathaniel  Marti¬ 
nez,  another  IDC  analyst. 

Sun  will  continue  to  of¬ 
fer  Opteron-based  systems  as 
well,  and  an  AMD  spokesman 
said  Intel’s  backing  of  Solaris 
“is  good  for  all  of  us.”  He  added 
that  everything  he  has  heard 
about  the  Sun-Intel  deal  indi¬ 
cates  that  it  will  be  comple¬ 
mentary  to  Sun’s  existing  busi¬ 
ness  relationship  with  AMD.  ► 


Ben  Ames  and  Robert  McMil¬ 
lan  of  the  IDG  News  Service 
contributed  to  this  story. 


Technical  Gains  Give  Intel  New  Appeal,  Sun  Exec  Says 


JOHN  FOWLER,  Sun’s 
executive  vice  president 
of  systems,  spoke  with 
Computerworlcf  s  Patrick 
Thibodeau  last  week  about 
the  company’s  new  alliance 
with  Intel.  Excerpts  from  the 
interviev/  follow: 

What  kinds  of  improve¬ 
ments  can  users  expect  in  how 
Solaris  operates  on  Intel-based 
boxes?  There  are  several  things. 

Taking  advantage  of  advanced  power  : 
management  features,  we’ll  work 
directly  with  Intel  to  reduce  power  - 
utilization  of  servers  at  different  work-  : 
loads.  The  second  thing  we’re  going  : 
to  work  with  them  on  is  1/0  perfor-  ■ 
mance.  Intel  platforms  have  some  1/0  - 
acceleration  features,  and  we  can  in-  ■ 
tegrate  changes  in  Solaris  that  greatly  : 
improve  the  efficiency  and  the  per-  ■ 
formance  of  1/0  on  those  platforms. 


The  third  area  that  we  can  : 

work  on  is  reliability.  Solaris  ; 

has  this  feature  called  self- 

healing,  which  is  the  ability  : 

to  properly  handle  problems  ; 

in  the  hardware  and  then  ] 

continue  to  operate.  Together  ; 

with  Intel,  we  can  make  [that  : 

feature]  work  particularly  well  ^ 

on  Intel  platforms  so  we  have  ; 

really  high  degrees  of  reliability.  : 

* 

When  will  those  improvements  ap-  ’ 
pear?  Where  most  of  these  changes  . 
will  appear  is  actually  in  OpenSolaris  ; 
first.  And  they’ll  start  appearing  dur-  = 
ing  calendar  2007.  It’s  basically  going  : 
to  be  a  continuous  thread  of  innova- 
tion,  not  just  some  big  bang.  - 

Are  you  going  to  try  to  create  Intel- : 
based  systems  that  can  scale  up  ' 
to  a  large  number  of  processors?  ] 

We’re  going  to  collaborate  on  greater  ; 


than  four-way  systems.  And  that  can  ' 
be  a  whole  bunch  of  different  ac-  j 

tivities  -  making  sure  Solaris  works  t 
well  on  them,  as  well  as  designing  ' 
systems  around  them.  Beyond  that,  * 
I’m  not  going  to  go  into  any  details 
of  what  exactly  we’re  doing,  because  ; 
1  don’t  want  to  disclose  any  future  ; 
product  plans  at  this  time.  ] 

Until  2005,  Sun  sold  some  Intel- 
based  low-end  servers.  Why  did 
you  discontinue  those  products 
and  switch  to  AMD  for  x86  proc-  ; 
essors?  Before  [Intel]  came  out  : 
with  Woodcrest,  their  products  were  : 
not  at  all  performance-competitive 
with  AMD’s.  Because  we  were  just 
starting  out  in  the  [x86]  business,  we  = 
decided  to  concentrate  our  engineer-  : 
ing  and  marketing  resources  around  ■■ 
AMD,  and  that’s  been  very  successful  - 
for  us.  Now  we’re  at  a  stage  where 
adding  Intel  is  a  very  logical  thing  to  : 


do  -  especially  since  their  technology 
has  improved  dramatically. 

Intel  wants  to  expand  the  reach  of 
x86  systems  in  enterprise  markets 
where  Sun  is  a  big  player,  includ¬ 
ing  financial  services  and  telecom¬ 
munications.  It  sounds  as  if  it’s 
trying  to  take  some  of  your  Ultra- 
Sparc  market.  They’re  always  going 
to  want  to  do  that.  But  the  reality  of  it  is, 
if  Intel  is  going  to  take  my  UltraSparc 
market.  I’d  rather  it  be  in  the  product 
I  sell  as  opposed  to  somebody  else’s. 

Do  you  see  the  development  of 
Intel-based  servers  that  can  com¬ 
pete  with  your  high-end  UltraSparc 
systems  as  a  result  of  this  agree¬ 
ment?  There’s  nothing  presently 
planned  here  that’s  at  that  same 
scale.  Obviously,  in  the  lower  parts 
of  the  [server]  range,  they’ve  always 
been  competitive  with  UltraSparc, 
and  that  doesn’t  seem  to  matter. 
Sparc  [hardware]  still  does  quite  well. 
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Kingston  DataTraveler  Secure 
USB  Flash  drive 


When  employees  use  their  own  Flash  drives,  unprotected  data  could  be  lost  or  stolen,  jeopardizing 
your  company's  privacy,  profits  and  reputation. 

Kingston's  DataTraveler®  Secure  and  Secure  —  Privacy  Edition  provide  impenetrable  security  with 
256-bit  AES  hardware  encryption,  password  protection  and  lock-down  control.  They  deliver  high 
performance,  with  data  transfer  rates  of  up  to  24  MB/sec.  read  and  10  MB/sec.  write*  and  capacities 
up  to  8  GB.**  And  they're  easy  to  manage  and  use,  with  transparent,  on-the-fly  encryption  and  no 
admin  rights  required  to  initialize. 


Kincr^ton 

A »  T  E  C  h,Fn  0  L  0  G  Y 


PROTECTED  BY 

256-BIT 

AES  HARDWARE 

ENCRYPTION  > 


Protect  your  company’s  data  before  it’s  too  late. 


Don't  compromise  corporate  security.  Protect  your  company  by  standardizing  on  Kingston's 
DataTraveler  Secure  and  Secure  —  Privacy  Edition.  For  details,  visit  kingston.com/enterpriseusb. 


•Speed  may  vary  due  to  host  hardware,  software  and  usage,  ‘‘Please  note:  Some  of  the  listed  capacity  is  used  for  formatting  and  other  functions  and  thus  is  not  available  for  data  storage.  For  more  information,  please  consult 
Kingston’s  Flash  Memory  Guide  at  kmgston.com/Flash_Memory_Guide.  ©2007  Kingston  Technology  Company.  Inc.  17600  Newhope  Street.  Fountain  Valley,  CA  92708  USA  All  rights  reserved.  Alt  trademarks  and  registered 
trademarks  are  the  property  of  their  respective  owners. 
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Aicatel-Lucent 
Expects  Poor  Q4 


Alcatel-Lucent  SA  said  revenue 
and  profit  for  its  fourth  quarter 
will  be  significantly  lower  than  it 
was  a  year  earlier,  blaming  con¬ 
sumer  and  employee  uncertainty 
about  the  merger  of  Alcatel  SA 
and  Lucent  Technologies  Inc. 

The  merger  closed  on  Nov.  30. 
The  company  now  expects  com¬ 
bined  fourth-quarter  revenue  to 
total  €4.42  billion  ($5.7  billion 
U.S.),  down  from  €5.25  billion 
($6.77  billion  U.S.)  last  year.  The 
results  will  be  announced  Feb.  9. 


McAfee  Tool  Causes 
Notes  Problems 

The  latest  upgrade  to  McAfee 
Inc.’s  VirusScan  Enterprise  secu¬ 
rity  software  is  causing  hiccups 
for  some  versions  of  IBM’s  Lotus 
Notes.  The  problem  affects  users 
of  VirusScan  Enterprise  8.5i  who 
are  also  using  the  R6  or  R7  ver¬ 
sions  of  Lotus  Notes.  The  com¬ 
panies  recommend  disabling  two 
settings  in  McAfee’s  software; 
“Scan  all  server  databases”  and 
“Scan  server  mailboxes.” 


Sun  Reports  First 
Profit  in  a  Year 

Sun  Microsystems  Inc.  reported 
its  first  quarterly  profit  in  more 
than  a  year,  on  a  7%  increase  in 
revenue  in  its  second  fiscal  pe¬ 
riod,  which  ended  Dec.  31.  Sun 
credited  sales  of  its  x64  servers 
and  growing  acceptance  of  the 
Solaris  10  operating  system. 


IEEE  Working  Group 
OKs  802.11  Spec 

The  IEEE  802.11n  working  group 
has  approved  the  next  draft 
version  of  the  wireless  LAN 
standard  specihcation.  A  release 
of  the  draft  will  begin  shipping 
this  week  as  Version  2.0.  Vot¬ 
ing  on  the  final  Version  2.0  is 
expected  to  be  completed  by  the 
end  of  March.  A  new  draft,  Ver¬ 
sion  3.0,  will  be  ready  by  the  end 
of  May. 


i  Feds  to  Let  Two  Firms 
pfest  E-voting  Machines 

:  NIST  certifies  iBeta,  SysTest  Labs 
:  under  latest  requirements  guidelines 


BY  MARC  L.  SONOINI 

HE  FEDERAL  gov¬ 
ernment  this  month 
took  the  first  step  in 
certifying  two  labo¬ 
ratories  for  testing  electronic 
voting  machines. 

The  National  Institute  of 
Standards  and  Technology 
(NIST),  in  its  role  as  a  scientif¬ 
ic  adviser  to  the  U.S.  Election 
Assistance  Commission  (EAC), 
said  that  the  labs  of  iBeta 
Quality  Assurance  in  Aurora, 
Colo.,  and  SysTest  Labs  LLC 
in  Denver  meet  the  technical 
requirements  of  the  latest  fed¬ 
eral  testing  guidelines. 

A  decision  on  final  accredi¬ 
tation  will  come  after  the 
EAC  conducts  a  nontechnical 
evaluation  of  the  companies, 
including  reviews  of  their 
conflict-of-interest  policies, 
organizational  structures  and 
record-keeping  procedures, 
said  an  EAC  spokeswoman. 

The  agency  has  not  set  a 
timetable  for  finishing  its  part 
of  the  certification  process, 
the  spokeswoman  said.  How¬ 
ever,  she  added,  “completing 
this  process  in  a  timely  fash¬ 
ion  is  a  top  priority.” 

Carolyn  Coggins,  quality 
assurance  director  for  voting 
at  iBeta,  said  her  company  ex¬ 
pects  to  learn  the  next  step  in 
the  process  in  a  letter  the  EAC 
should  be  sending  out  during 
the  next  couple  of  weeks. 

A  Moving  Target 

Coggins  did  note  that  the 
guidelines  are  a  moving  target. 
The  EAC  is  already  re-evaluat- 
ing  the  2005  standards,  and 
new  criteria  will  likely  be  re¬ 
leased  later  this  year,  she  said. 

The  EAC  is  tasked  with 
creating  a  framework  to  help 
states  comply  with  the  Help 
America  Vote  Act,  which  Con¬ 
gress  passed  in  2002  to  im¬ 
prove  federal,  state  and  local 


voting  processes.  The  law  di¬ 
rected  states  to  replace  manual 
voting  systems  with  electronic 
ones  and  tasked  the  EAC  with 
developing  a  national  program 
for  the  testing,  certification 
and  decertification  of  e-voting 
machines. 

The  EAC  does  not  require 
that  states  use  only 
e-voting  machines  that 
it  certifies.  However, 
some  states,  including 
New  York,  do  mandate 
that  all  machines  be 
certified  by  the  agency. 

The  NIST  approval 
of  the  iBeta  and  Sys¬ 
Test  processes,  an¬ 
nounced  on  Jan.  18,  is 
the  latest  milestone  in 
a  process  that  has  been  mostly 
in  a  state  of  flux  since  the 
EAC’s  creation  in  2002. 

Before  that,  accrediting 


test  labs  and  certifying  voting 
machines  was  done  on  a  vol¬ 
untary  basis  by  the  National 
Association  of  State  Election 
Directors,  using  guidelines 
issued  by  the  Federal  Election 
Commission  (EEC),  which 
oversees  election  laws. 

Shifting  Responsibility 

The  EEC  issued  its  final  guide¬ 
lines  in  2002,  just  before  the 
EAC  took  over  that  responsi¬ 
bility. 

The  EAC  issued  its 
first  set  of  guidelines 
in  2005,  the  EAC 
spokeswoman  said. 
The  two  labs  NIST 
approved  this  month 
were  audited  under 
both  the  2002  and 
the  2005  guidelines, 
she  said. 

The  EAC  already 
offers  an  interim  accredita¬ 
tion  to  testing  labs  whose 
operations  were  approved  by 
the  voluntary  group  under  its 


2002  guidelines  but  have  yet 
to  gain  approval  for  meeting 
2005  specifications.  The  in¬ 
terim  certification  is  valid  only 
through  2008. 

SysTest  and  Wyle  Labora¬ 
tories  Inc.  in  Huntsville,  Ala., 
earned  interim  EAC  accredi¬ 
tation  in  August  2006,  the 
spokeswoman  said.  A  third 
testing  firm,  Ciber  Inc.  in 
Greenwood  Village,  Colo., 
has  been  evaluated  but  has  yet 
to  gain  the  commission’s  ap¬ 
proval,  she  said. 

Despite  the  progress,  some 
e-voting  experts  still  con¬ 
sider  the  testing  process  to 
be  flawed.  Michael  Shamos,  a 
professor  who  specializes  in 
e-voting  issues  at  Carnegie 
Mellon  University  in  Pitts¬ 
burgh,  believes  that  the  entire 
system  of  testing  and  certify¬ 
ing  e-voting  machines  must  be 
redrawn.  He  contended  that 
inaction  by  the  election  agency 
will  cause  a  loss  of  confidence 
in  the  voting  system. 

He  also  said  that  the  entire 
machine  design,  implementa¬ 
tion,  certification  and  testing 
process  must  be  completely 
transparent,  and  that  the 
federal  government  must 
mandate  adherence  to  EAC 
guidelines.  * 


New  York  Halts  E-voting  Machine  Testing 


THE  NEW  YORK  STATE  Board  of 
Elections  has  suspended  the  testing 
and  certifying  of  electronic  voting 
machines  after  learning  of  flaws  in 
the  test  methods  of  the  company  it 
hired  to  do  the  job. 

For  several  months,  Ciber  Inc. 
had  been  testing  machines  under 
evaluation  for  purchase  by  the  state 
under  a  $3  million  contract  signed 
in  2005. 

The  Ciber  testing  process  had 
gained  accreditation  under  federal 
guidelines  set  in  2002  but  has  yet 
to  be  certified  for  meeting  updated 
requirements  created  in  2005. 

The  U.S.  Election  Assistance 
Commission  last  summer  failed  to 
grant  Ciber’s  request  to  gain  special 
interim  accreditation  that  is  avail¬ 
able  to  companies  whose  applica¬ 
tion  for  2005  certification  has  yet  to 
be  acted  upon. 

That  failure,  first  reported  by  The 


New  York  Times  earlier  this  month  : 
and  confirmed  last  week  by  the  EAC,  • 
was  blamed  on  undisclosed  prob-  t 

lems  with  Ciber’s  documentation  I 

process,  said  an  EAC  spokeswoman.  • 
The  EAC  has  so  far  declined  to  * 
provide  a  report  on  its  audit  of  the  j 
Ciber  process  to  New  York  officials  : 
or  to  make  it  public.  • 

“The  initial  audit  identified  issues,  • 
and  we  asked  [Ciber]  to  address  ' 

them,”  the  spokeswoman  said.  : 

“They  came  back  and  gave  us  an  * 

update  on  whafs  happening,  and  • 

we’re  now  reviewing  that  informa-  ] 
tion.  The  process  requires  due  ! 

diligence."  ; 

Late  last  week,  Ciber  sent  150  • 

pages  of  information  about  the  audit  ] 
to  state  officials.  A  spokesman  for  : 
the  New  York  State  Board  of  Elec-  • 
tions  said  its  staff  is  reviewing  the  • 
material.  : 

The  spokesman  said  the  state  : 


will  not  allow  Ciber  to  continue 
testing  machines  until  it  can  identify 
the  problems  in  its  processes.  The 
review  will  be  done  “expeditiously.” 
said  the  spokesman. 

A  Ciber  spokeswoman  defended 
the  company’s  testing  lab  and  its 
processes. 

In  an  e-mail  statement  to  Com- 
puterworld,  she  said,  “The  issues 
found  in  the  audit  do  not  reflect  on 
the  accuracy  of  tests  conducted 
before  the  audit.  Ciber  was  ac¬ 
credited  at  the  time  those  tests  were 
conducted,  and  they  met  all  of  the 
standards  set  for  testing  and  ac¬ 
creditation  at  that  time.” 

The  spokeswoman  said  that  the 
issues  raised  in  the  initial  audit  have 
been  addressed  and  that  Ciber 
staffers  “are  awaiting  final  results 
from  the  EAC”  on  the  accreditation 
application. 

-MARC  L.S0N6INI 


FEDERAL  RULES 
for  testing 
of  e-voting 
machines  are 
still  in  flux. 
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Spotting  System  Intrusions  a  Big  Challenge  for  IT 

Lag  between  breach  at  TJX  and  its 
discovery  isn’t  a  surprise,  execs  say 


BY  JAIKUMAR  VIJAYAN 

Protecting  corporate  systems 
against  intruders  isn’t  easy. 

But  detecting  a  breach  that 
has  actually  happened  can 
sometimes  be  even  harder,  IT 
managers  and  analysts  said 
last  week  in  the  wake  of  the 
high-profile  data  compromise 
at  The  TJX  Companies  Inc. 

The  system  intrusion  at  the 
Framingham,  Mass.-based 
retailer  occurred  last  May  but 
wasn’t  discovered  until  mid- 
December  —  seven  months 
later.  TJX  publicly  disclosed 
the  breach  two  weeks  ago. 

In  a  similar  incident  at  Ohio 
University,  a  server  break-in 
that  exposed  the  personal  data 
of  about  137,000  alumni  went 
unnoticed  for  more  than  a 
year  before  being  discovered 
last  spring  along  with  several 
other  security  breaches. 

The  gap  between  the  intru¬ 
sion  at  TJX  and  its  discovery 
isn’t  entirely  surprising,  given 
the  myriad  ways  attackers 
can  gain  access  to  systems 
and  then  conceal  their  tracks, 
said  Drew  Maness,  a  senior 
security  strategist  at  a  large 


But  agencies  still 
working  out  how 
to  merge  systems 

BY  LINDA  ROSENCRANCE 

The  U.S.  Department  of  Vet¬ 
erans  Affairs  and  the  U.S.  De¬ 
partment  of  Defense  last  week 
said  they  have  agreed  to  de¬ 
velop  a  joint  electronic  health 
records  (EHR)  system. 

But  officials  from  the  VA 
and  DOD  indicated  at  a  con¬ 
gressional  hearing  that  the 
two  agencies  still  haven’t  fig¬ 
ured  out  exactly  how  to  meld 
the  separate  health  records 
technologies  they  now  use. 

In  identical  comments  sub¬ 
mitted  at  the  hearing  held  by 
the  Senate  Committee  on  Vet¬ 
erans’  Affairs,  VA  Deputy  Sec- 


entertainment  company  that 
he  asked  not  be  named. 

“The  reason  it’s  so  difficult 
[to  discover  a  data  breach]  is 
because  it  can  come  at  you 
from  any  angle,”  Maness  said. 
“With  physical  security,  it’s 
very  rare  that  someone  breaks 
in  through  a  side  wall  on  the 
eighth  floor.  With  computer 
security,  they  come  in  through 
that  side  wall.” 

To  quickly  and  consistently 
detect  such  intrusions,  IT 
managers  need  to  be  able  to 
collect  and  analyze  literally 
every  transaction  flowing 
through  their  networks  in 
real  time,  according  to  Man- 

With  physical 
security,  it’s  very 
rare  that  someone 
breaks  in  through  a 
side  wall  on  the  eighth 
floor.  With  computer 
security,  they  come  in 
through  that  side  wall. 

DREW  MANESS, 

SENIOR  SECURITY  STRATEGIST 


retary  Gordon  Mansfield  and 
David  Chu,  undersecretary 
of  defense  for  personnel  and 
readiness,  said  the  agencies 
see  “an  opportunity  to  explore 
a  ‘born  seamless’  approach  for 
a  joint  inpatient  EHR.” 

Analysis  Planned 

But  Mansfield  added  that  there 
are  some  known  differences 
between  the  VA’s  and  DOD’s 
health  care  data,  processes 
and  requirements.  A  planned 
analysis  “will  identify  the 
areas  of  commonality  and  the 
areas  of  uniqueness”  and  then 
determine  the  potential  ben¬ 
efits  and  downsides  of  deploy¬ 
ing  a  common  EHR  system, 
Mansfield  said. 

Last  week’s  announcement 
came  seven  months  after  the 


ess.  “You’ve  got  to  know  what 
every  single  packet  on  the  net¬ 
work  is  doing,  where  it’s  com¬ 
ing  from,  where  it’s  going  and 
which  ones  are  bad,”  he  said. 

That  can  be  a  huge  chal¬ 
lenge,  considering  the  sheer 
number  of  transactions  and 
the  terabytes  of  storage  space 
required  on  a  daily  basis  to 
store  log  data  about  all  of 
them,  said  David  Jordan,  chief 
information  security  officer  for 
Virginia’s  Arlington  County.  It 
also  requires  comprehensive 
modeling  of  typical  network 
behavior  enterprisewide  so 
any  abnormal  activity  can  be 
pinpointed,  Jordan  said. 

Few  Existing  Products 

For  now,  at  least,  there  are 
few  out-of-the-box  products 
that  can  help  companies  do 
end-to-end  log  collection  and 
real-time  data  correlation  and 
analysis,  said  Amer  Deeba, 
vice  president  of  marketing 
at  Qualys  Inc.,  a  vulnerability 
management  services  provider 
in  Redwood  Shores,  Calif.  And 
the  cost  of  custom-building 
such  capabilities  can  be  pro¬ 
hibitive,  added  Deeba. 

But  there  are  some  tools 
that  IT  managers  can  use  to 
address  parts  of  the  challenge. 


health  Records 

Government  Accountability 
Office  issued  a  report  calling 
on  the  VA  and  DOD  to  im¬ 
prove  their  efforts  to  standard¬ 
ize  health  records.  The  GAO 
said  the  agencies  had  made 
some  progress  in  sharing  data 
about  patients  who  receive 
care  from  both  departments. 
But  the  agencies  had  yet  to  de¬ 
velop  a  clearly  defined  project 
management  plan,  it  added. 

Chu  testified  last  week  that 
the  DOD  “is  aware  of  the  con¬ 
cerns  regarding  the  time  it  has 
taken  to  establish  the  desired 
level  of  interoperability.” 

The  ultimate  goal,  Chu  said, 
is  to  create  health  care  records 
that  can  be  accessed  and  used 
by  doctors  “regardless  of 
which  health  care  system  they 
are  operating  within.” » 


Deeba  noted.  For  instance, 
several  logging  and  monitor¬ 
ing  tools  are  available  for 
quickly  detecting  unauthor¬ 
ized  database  activity. 

USEC  Inc.,  a  $1.6  billion 
energy  company  in  Bethesda, 
Md.,  uses  an  appliance  from 
Guardium  Inc.  to  monitor  the 
activities  of  the  administrators 
who  manage  the  Oracle  and 
SQL  Server  databases  underly¬ 
ing  its  financial  applications. 
The  Guardium  device  can 
detect  unauthorized  changes 
and  other  policy  violations 
that  could  affect  the  integrity 
of  USEC’s  financial  data,  said 
CIO  David  Vordick. 

The  technology  also  enables 
USEC  to  monitor  compliance 
with  Sarbanes-Oxley  financial 
reporting  regulations  and 
provides  the  company  with  a 
real-time  security-alerting  ca¬ 
pability,  Vordick  said. 

Accor  North  America,  a 


CREDIT  AND  DEBIT  CARD  num¬ 
bers  compromised  in  the  security 
breach  at  TJX  have  been  fraudu¬ 
lently  used  in  at  least  three  U.S. 
states  and  two  foreign  countries, 
according  to  a  group  that  repre¬ 
sents  Massachusetts  banks. 

The  Massachusetts  Bankers  As¬ 
sociation  (MBA)  said  that  as  of  last 
Wednesday,  card  numbers  taken 
from  TJX’s  systems  had  been  used 
to  make  fraudulent  purchases  in 
Georgia,  Florida  and  Louisiana,  as 
well  as  in  Hong  Kong  and  Sweden. 

Both  MasterCard  International 
Inc.  and  Visa  U.S.A.  Inc.  declined 
to  comment  on  the  MBA's  claims 
about  fraudulent  uses  of  card  num¬ 
bers.  TJX  officials  didn’t  respond  to 
requests  for  comments  about  the 
reported  misuse  of  card  data. 

In  addition,  the  MBA  said  it  is 
“strongly"  pushing  for  state  legisla¬ 
tion  that  would  require  credit  card 
firms  to  quickly  disclose  the  source 
of  a  retail  data  breach.  MasterCard, 
Visa  and  other  card  companies 
typically  don’t  divulge  that  informa¬ 
tion  to  card-issuing  banks  when 
notifying  them  of  security  incidents. 


Carrollton,  Texas-based  opera¬ 
tor  of  hotel  chains  such  as  Red 
Roof  Inns  and  Sofitel,  is  using 
an  appliance  from  Imperva 
Inc.  to  detect  unusual  database 
activity  as  it  occurs.  Such  tools 
let  companies  move  from  a 
“passive  security”  model  to 
a  more  aggressive  one,  said 
Jaimin  Shah,  a  senior  security 
engineer  at  Accor. 

Being  able  to  do  the  same 
kind  of  monitoring  of  all  net¬ 
work  and  system  assets  could 
help  companies  detect  suspi¬ 
cious  activity  more  quickly, 
Shah  said.  “The  problem  is 
that  monitoring  generates  a 
tremendous  amount  of  logs,” 
he  said,  adding  that  “getting 
the  right  information  as  quick¬ 
ly  as  we  can”  is  a  challenge. 

Vendors  such  as  LogLogic 
Inc.  are  beginning  to  offer 
more  efficient  ways  to  sift 
through  log  data,  Maness  said. 
But  he  still  expects  it  to  take 
up  to  10  years  to  develop  true 
end-to-end  capabilities  for 
tracking  networks.  * 


Daniel  Forte,  the  MBA’s  CEO, 
said  In  a  statement  that  the  credit 
card  companies  also  should  hold 
the  source  of  a  breach  financially 
liable  -  especially  If  the  retailer 
was  storing  card  data  in  violation 
of  the  Payment  Card  Industry  (PCI) 
Data  Security  Standard. 

TJX  hasn’t  disclosed  what  in¬ 
formation  was  compromised.  But 
according  to  the  MBA  and  other 
financial  industry  sources,  the  re¬ 
tailer  appears  to  have  been  storing 
account  numbers,  expiration  dates 
and  other  so-called  Track  2  data 
taken  from  the  magnetic  stiipe  on 
the  back  of  cards.  Keeping  such 
data  is  forbidden  under  PCI. 

The  fact  that  Track  2  data  likely 
was  among  the  compromised 
information  is  disappointing,  said 
Ryan  Fisher,  senior  risk  manager 
at  Madison,  Wis.-based  CUNA 
Mutual  Group,  which  insures  about 
5,500  credit  unions.  He  also  said 
there  is  “a  certain  level  of  disap¬ 
pointment”  that  credit  card  com¬ 
panies  haven’t  been  enforcing  the 
PCI  standards  more  effectively. 

-  JAIKUMAR  VIJAYAN 


VA,  Pentagon  Commit  to  Joint  E- 


Bankers  Association  Says  Stolen 
Card  Data  Was  Used  in  Purchases 


.INFRASTRUCTURE  LOG 

_DAY  45:  These  underutilized  storage  boxes  have  proliferated 
exponentially.  Their  inability  to  share  capacity  has 
doomed  us.  We’re  trapped  in  a  maze  of  our  own  creation. 

_DAY  47:  I  tried  to  give  Gil  a  boost  over  this  wall,  but 
he  pulled  a  hammie. 

_DAY  48:  I’ve  taken  back  control  with  IBM  System  Storage™ 
SAN  Volume  Controller.  It  puts  my  entire  storage  universe 
into  a  simple,  virtualized  pool.  And,  unlike  EMC,  IBM  has 
fourth-generation  virtualization  technology  and  over  2,000 
customers.  I  am  seeing  results. 

.Productivity  is  up.  Utilization  is  up.  I.T.  guys  lost  in 
mazes  of  data  is  down. 


IBM.COM/TAKEBACKCONTROL/STORAGE 
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Linux  Groups  Join  to 
Take  on  Microsoft 

Open  Source  Development  Labs 
Inc.  and  Free  Standards  Group 
Inc.,  two  key  champions  of  the 
open-source  Linux  operating 
system,  have  merged  to  form 
the  Linux  Foundation.  The  new 
group  will  focus  on  helping  the 
Linux  community  more  effec¬ 
tively  compete  with  Microsoft 
Corp.’s  Windows  software, 
Linux’s  primary  competitor.  The 
combined  entity  will  employ  45 
workers  and  have  about  70  user, 
vendor  and  university  members. 

Oracle  Adds  Linux 
Management  Tools 

Oracle  Corp.  has  unveiled  a  line 
of  management  tools  for  Linux, 
just  three  months  after  announc¬ 
ing  plans  to  provide  support  for 
Red  Hat  Inc.’s  implementation 
of  the  operating  system.  The 
Oracle  Management  Pack  for 
Linux  includes  tools  to  provision, 
patch,  monitor  and  administer 
Linux  server  deployments.  The 
software  is  part  of  the  Oracle 
Unbreakable  Linux  program. 

RSA,  VMware  Sales 
Propel  EMC*s  Q4 

Citing  strong  growth  in  its  RSA 
Security  Inc.  and  VMware  Inc. 
subsidiaries,  EMC  Corp.  reported 
a  19%  increase  in  fourth-quarter 
revenue.  Overall,  the  company 
said  its  systems,  software  and 
services  sales  showed  double¬ 
digit  growth  during  the  fiscal 
quarter  that  ended  Dec.  31. 


.  EMC  BY  THE  NUMBERS 
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FTC  OKs  Brocade’s 
McData  Acquisition 

The  Federal  Trade  Commission 
has  approved  the  pending  acqui¬ 
sition  of  McData  Corp.  by  Bro¬ 
cade  Communications  Systems 
Inc.  The  FTC  approval  removes 
the  last  regulatory  hurdle  to 
the  deal.  Brocade,  a  maker  of 
storage-area  network  switches, 
agreed  last  August  to  pay 
$713  million  in  stock  for  McData. 


[ON  THE  MARK 


Vista  Shows  Better 
Security  Than . . . 

...Mac  os  X  does.  That’s  the  view  of  Max  Caceres,  di¬ 
rector  of  product  management  at  Boston-based  Core 
Security  Technologies,  which  develops  network- 
penetration  testing  software  called  Core  Impact.  Cace¬ 
res  says  that  Microsoft  Corp.  uses  more  advanced 


security  techniques  in  Win¬ 
dows  Vista  than  Apple  Inc. 
uses  in  its  operating  system. 
Mac  OS  X  “is  still  a  little  im¬ 
mature  in  terms  of 
security  compared  to 
Vista,”  he  contends. 

“On  paper,  Vista  is 
more  sound.”  As  an 
example,  Caceres 
points  to  the  way  Vista 
handles  memory  man¬ 
agement.  Information 
stored  in  RAM,  he 
says,  is  “randomized, 
making  it  more  difficult  to  ex¬ 
ploit.”  That’s  not  the  case  with 
the  Mac  software,  accord¬ 
ing  to  Caceres.  But,  he  adds, 
Apple’s  Unix  roots,  more 
frequent  operating  system 
release  cycle  and  apparent  in¬ 
difference  to  backward  com¬ 
patibility  make  the  Mac  “well 
positioned  to  change  its  secu¬ 
rity  model  real  quickly.”  Plus, 
he  notes,  security  threats  are 
a  market  share  issue.  As  long 
as  Windows  dominates  the 
desktop,  he  predicts,  it  will  at¬ 
tract  most  of  the  malware. 

But  how  long  will  that 
dominance  persist?  Mac  unit 


CACERES: 
Vista  is  sound 
an  security  -  oi 
paper,  at  least. 


sales  jumped  28%  last  quarter, 
according  to  Apple,  while  PC 
sales  languished  in  single¬ 
digit  growth,  according  to 
everyone.  Although 
the  Mac’s  market 
share  remains  anemic 
compared  with  that 
of  Windows,  Apple’s 
hardware  is  showing 
up  more  often  in  busi¬ 
nesses.  Mitchell  Ashley, 
chief  technology  officer 
at  Latis  Networks  Inc.’s 
StillSecure  operat¬ 
ing  unit  in  Superior,  Colo., 
says  his  company’s  Safe  Ac¬ 
cess  network  access  control 
software  has  always  had  to 
deal  with  Macs.  But  recently, 
that  has  changed  from  the 
occasional  encounter  to  an 
everyday  occurrence.  “Today, 
it’s  a  requirement  for  global 
network  access  control  [tools] 
to  manage  Macs,”  Ashley  says. 

Security  show  may 
end  in  tears  for . . . 

. . .  the  bad  guys.  Heading  to  the 
RSA  Conference  next  week 
in  San  Francisco?  Expect  to 
find  enough  new  products  to 
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data  loss  is 
the  top  threat. 


HOT  TECHNOLOGY  TRENDS,  NEW  PRODUCT 
NEWS  AND  INDUSTRY  BUZZ  BY  MARK  HALL 


make  a  black-hat  hacker  weep 
in  despair.  Take  PacketSentry 
2.2,  a  software  upgrade  that 
San  Jose-based  PacketMotion 
Inc.  plans  to  add  to  its  security 
appliances  early  next  month. 
According  to  Bob  Pratt,  Packet- 
Motion’s  director  of  product 
marketing,  the  upgrade  lets 
you  get  policy-based  alerts 
about  actions  end  users  take 
on  specific  files.  For  example, 
you  can  be  notified  if  anyone 
tries  to  delete  .xls  files  in  a 
given  directory  during  the 
run-up  to  a  quarterly  financial 
report.  The  PacketSentry  de¬ 
vices,  which  start  at  $45,000, 
also  collect  file  access  his¬ 
tories  and  store  them  in  an 
Oracle  database  for  audit  uses. 

Steve  Roop,  vice  president 
of  marketing  at  Vontu  Inc., 
says  that  in  a 
recent  survey 
he  commis¬ 
sioned  Forrest-  Said  in  a 

er  Research  Forrester 

Inc.  to  conduct,  survey  that 

52%  of  I5I  se¬ 
curity  decision¬ 
makers  at  large  companies 
reported  that  their  organiza¬ 
tions  had  lost  confidential  data 
via  insiders  using  removable 
media.  To  help  put  a  stop  to 
that,  San  Francisco-based 
Vontu  will  add  an  Endpoint 
Monitor  feature  when  Version 
7  of  its  namesake  software 
ships  in  late  March.  You’ll  be 
able  to  see  who  copied  what 
information  when,  and  where 
it  went.  Vontu  can  fingerprint 
content  for  protection,  and 
Version  7  will  let  you  keep 
track  of  double-byte  code  files 
with  Asian-language  data. 
Pricing  starts  at  $25,000. 

Wasim  Ahmad,  vice  presi¬ 
dent  of  marketing  at  Voltage 
Security  Inc.  in  Palo  Alto, 
Calif.,  says  his  company’s 
product  line  “eliminates  the 
whole  rigmarole  of  complex¬ 
ity”  around  encryption  tools. 
At  RSA,  the  company  will  an¬ 
nounce  the  Voltage  Security 
Network,  which  businesses 
can  use  for  on-demand  e-mail 
encryption  for  $95  per  user 
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PacketMotion’s  appliances  keep 
tabs  on  what  users  do  with  files. 

annually.  Voltage  Security 
also  has  boosted  the  scalabil¬ 
ity,  authentication,  manage¬ 
ment  and  reporting  features 
of  SecureMail,  its  flagship 
encryption  software.  And  by 
summer,  it  plans  to  release  an 
offering  called  the  Data  Pro¬ 
tection  System  for  companies 
that  need  to  encrypt  data  for 
service-oriented  architecture 
applications. 

JustWHOIS 
the  owner  of . . . 

. . .  that  Web  site?  If  you  use 
the  WHOIS  command  on  the 
Internet,  you’ll  likely  learn 
the  to  answer  to  that  question. 
But  if  the  Internet  Corpora¬ 
tion  for  Assigned  Names  and 
Numbers  (ICANN)  follows 
the  advice  of  the  Electronic 
Privacy  Information  Center 
and  other  privacy  advocates, 
it  will  adopt  a  new  registra¬ 
tion  policy  called  operational 
point  of  contact,  which  re¬ 
stricts  the  data  available 
online.  Frederick  Felman, 
chief  marketing  officer  at 
MarkMonitor  Inc.  in  San 
Francisco,  thinks  that  would 
be  a  big  mis¬ 
take.  Felman 
says  ICANN 
should  adopt 
a  special- 
circumstances 
policy  that 
permits  only 
people  with 
legitimate 
needs,  such 
as  homes 
for  abused  women,  to  mask 
their  Web  site  ownership 
and  contact  data.  He  argues 
that  WHOIS  is  a  vital  tool  for 
quickly  shutting  down  mal¬ 
ware  sites  and  protecting  us¬ 
ers  from  phishing  attacks.  * 


ICANN  might 
restricttoo 
much  WHOIS 
data,  worries 
FELMAN. 
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»  Branch  office  application  performance  plummeting  with  each  IT  initiative?  See  how  Juniper  makes  any  branch  office 
faster,  with  Juniper  Networks  Application  Acceleration  solutions. 

Only  Juniper  provides  acceleration  across  the  broadest  range  of  application  types  for  branch  offices,  along  with  an 
extensive  portfolio  of  complementary  security  and  transport  solutions.  So  roll  out  new  applications  while  web-enabling 
others.  Replicate  and  back  up  data  continuously  across  the  WAN.  Save  on  hardware,  application  license  and  WAN 
service  costs  by  centralizing  servers  and  consolidating  data  centers  -  all  while  providing  LAN-like  application  response 

for  branch  office  users:  www.juniper.net/acceleration 
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Chicago  Elections  Board 
Faces  Charges  Over  Breach 


Lawsuits  hit  panel  over  distribution  of 
discs  with  Social  Security  numbers 


BY  JAIKUMAR  VIJAYAN 

For  the  second  time 

since  October,  the  Chi¬ 
cago  Board  of  Elections 
is  facing  claims  that 
it  failed  to  adequately  protect 
the  privacy  of  voter  data.  And 
the  board  finds  itself  in  court 
over  the  latest  case,  which 
has  its  roots  in  a  2003  fire  that 
temporarily  left  workers  un¬ 
able  to  access  its  mainframes. 

State  and  federal  class- 
action  lawsuits  filed  last  week 
claim  that  the  elections  board 
acted  negligently  in  late  2003 
and  early  2004  when  it  distrib¬ 
uted  more  than  100  CD-ROMs 
containing  the  Social  Security 
numbers  and  other  personal 
data  of  more  than  1.3  million 
voters  to  aldermen  and  mem¬ 
bers  of  local  ward  committees. 

The  ITpage  state  and  six- 
page  federal  lawsuits  ask  that 
the  board  be  ordered  to  re¬ 
cover  the  discs  and  erase  the 
data  on  them.  The  lawsuits, 
which  seek  unspecified  mon¬ 
etary  damages,  also  call  on  the 
board  to  notify  all  the  individ¬ 
uals  affected  by  the  breach. 

“What  we’d  like  to  see  is 
some  sort  of  an  endowment 
for  people  whose  credit  might 
have  been  damaged  by  this,” 
said  Nick  Kefalos,  the  attorney, 
who  filed  the  lawsuits.  Kefalos 
works  at  Vernor  Moran  LLC,  a 
Chicago-based  law  firm. 

How  !t  Happened 

Jim  Alien,  a  spokesman  for  the 
Chicago  Board  of  Elections, 
explained  that  under  Illinois 
law,  elections  authorities  are 
required  to  make  reports  on 
registered  voters  available  to 
candidates  and  local  officials. 

Typically,  the  data  provided 
doesn’t  include  the  Social 
Security  numbers  of  voters, 
Allen  said.  But,  he  added,  the 
discs  in  question  were  created 


using  data  that  employees 
downloaded  directly  from 
the  elections  board’s  main¬ 
frames  after  an  October  2003 
fire  forced  the  Cook  County 
Administration  Building  to 
be  evacuated  for  an  extended 
period. 

“They  had  to  do  a  massive 
download  because  they  were 
not  going  to  have  access 
to  the  mainframes  for  sev¬ 
eral  months,”  Allen  said.  The 
downloaded  data  included 
the  Social  Security  numbers 
of  more  than  1.3  million  of  the 
city’s  2.2  million  registered 
voters,  and  the  numbers  were 


“unfortunately  included  with 
the  basic  information”  sent  to 
local  officials,  he  said. 

According  to  Allen,  the  elec¬ 
tions  board  last  Monday  hand- 
delivered  letters  to  the  city’s 
ward  offices  requesting  that 
the  discs  be  returned. 

So  far,  he  said,  there  has 
been  no  indication  that  any 
of  the  personal  information 
has  been  used  for  fraudulent 
purposes.  Nor  have  Social  Se¬ 
curity  numbers  been  included 
on  any  discs  distributed  subse¬ 
quently,  Allen  said. 

The  breach  was  brought 
to  the  board’s  attention  last 
month  by  Peter  Zelchenko, 
who  is  running  for  an  al¬ 
derman’s  seat  in  an  election 
scheduled  for  Feb.  27. 


Zelchenko,  a  member  of  the 
Illinois  Ballot  Integrity  Project, 
also  disclosed  a  major  security 
breach  on  the  election  board’s 
Web  site  in  October.  That 
breach  not  only  allowed  users 
to  view  the  Social  Security 
numbers  of  registered  voters, 
but  it  also  let  them  edit  and 
delete  the  information. 

The  board  has  since  fixed 
the  problem  and  removed  all 
but  the  last  four  digits  of  the 
Social  Security  numbers  listed 
on  its  site,  Allen  said.  It  also 
hired  Grant  Thornton  LLP,  a 
Chicago-based  auditing  and 
business  consulting  firm,  to 
help  it  with  data  security,  stor¬ 
age  and  control  issues. 

Zelchenko  said  the  newly 
discovered  breach  was  “far 


worse”  than  the  Web  site  prob¬ 
lem.  “There  is  now  not  one 
path  to  the  information,  but 
easily  hundreds,”  he  said. 

Noting  that  the  informa¬ 
tion  on  the  discs  also  includes 
birth  dates,  phone  numbers 
and  the  names  of  family  mem¬ 
bers,  he  said,  “You  couldn’t 
plan  a  more  ideal  package  for 
identity  theft.”  * 


Users  See  Potential  in  Lotus  Apps,  but  Rollouts  May  Wait 


BY  TODD  R.  WEISS 

ORLANDO 

At  its  Lotusphere  2007  confer¬ 
ence  last  week,  IBM  detailed 
upcoming  software  tools 
designed  to  enable  corporate 
users  to  collaborate  more 
efficiently  by  better  tying 
together  different  streams  of 
internal  information. 

Users  interviewed  at  the 
conference  generally  agreed 
that  the  promised  additions  to 
IBM’s  Lotus  product  line  could 
help  improve  their  collabora¬ 
tion  processes.  But  some  said 
it  might  be  a  while  before  their 
organizations  take  advantage 
of  the  new  tools. 

For  example,  an  IT  ad¬ 
ministrator  at  an  East  Coast 
utility  said  its  business  units 
use  different  applications  and 
systems,  posing  collaboration 
challenges.  Processes  could 
be  improved  by  using  some 
of  the  new  features  coming  in 
Version  8  of  IBM’s  Notes  and 
Domino  applications,  said  the 
administrator,  who  asked  to 
remain  anonymous. 

The  Notes  8  client  is  based 


New  Capabilities 


Key  features  in  IBM’s 
new  collaboration  tools 

■  Notes  8:  Includes  word 
processing,  spreadsheet  and 
presentation  tools  that  support 
the  OpenDocument  Format. 

■  Domino  8:  Lets  users  run 
applications  written  for  earlier 
versions  of  Notes  without  hav¬ 
ing  to  make  any  changes. 

■  Connections:  Enables  com¬ 
panies  to  set  up  “professional 
networks”  of  employees  for 
sharing  information. 

■  Quickr:  Supports  content 
sharing  via  wikis,  blogs,  con¬ 
tent  libraries,  RSS  feeds  and 
links  to  desktop  applications. 

on  the  Eclipse  open-source 
development  framework  and 
will  look  like  a  native  applica¬ 
tion  on  Windows,  Macintosh 
and  Linux  desktops,  according 
to  IBM.  The  IT  administrator 
said  that  should  make  the  soft¬ 
ware  “system-independent” 
while  also  making  it  easier  for 


end  users  to  access  data. 

But  he  added  that  his 
company’s  20,000  users  prob¬ 
ably  won’t  see  the  new  tools 
for  several  years.  The  utility 
is  still  upgrading  its  systems 
to  Version  7  of  Notes  and 
Domino  and  won’t  be  ready  for 
another  upgrade  right  away. 

Two  Lotus  Tools  Debut 

In  addition  to  announcing 
plans  to  release  Notes  and 
Domino  8  for  public  beta¬ 
testing  next  month,  IBM  in¬ 
troduced  two  new  Lotus  prod¬ 
ucts:  an  information-sharing 
tool  called  Connections,  and  a 
collaborative  content-sharing 
program  called  Quickr. 

Hugh  Roddick,  director  of 
application  development  at 
Health  Canada’s  client  service 
center  in  Ottawa,  said  the  vari¬ 
ous  IBM  tools  could  eventually 
offer  major  usability  improve¬ 
ments  to  the  government 
agency’s  13,600  users. 

Currently,  many  of  the 
users  are  forced  to  rely  on 
paper-based  communication 
or  “cobbled-together”  elec¬ 


tronic  tools,  Roddick  said. 

Health  Canada  has  been 
testing  Notes  and  Domino  8 
for  several  months,  and  Rod¬ 
dick  said  the  integration  of 
new  functionality,  such  as 
document-editing  tools,  into 
Notes  will  let  users  run  fewer 
applications  at  one  time. 

Roddick  added  that  Connec¬ 
tions  could  allow  Health  Can¬ 
ada’s  in-house  knowledge  to 
be  cataloged  in  a  central  place. 
And  Quickr  could  enable  users 
to  run  searches  against  5,000 
or  so  Notes  document  storage 
repositories,  he  said. 

“One  of  the  problems  we’re 
trying  to  solve  is  that  there’s 
too  much  information,”  Rod¬ 
dick  said.  “You’ve  got  all  this 
corporate  information,  but  it’s 
in  little  silos.” 

But  Geert  Van  de  Steen,  a 
Notes  and  Domino  consultant 
at  TechTeam  A.N.E.  NV  in 
Zwijnaarde,  Belgium,  said  his 
customers  “would  laugh  at  me” 
if  he  suggested  they  deploy 
IBM’s  new  tools.  “We  are  pro¬ 
fessionals,”  he  said.  “We  don’t 
need  these  fancy  things.”  ► 
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Vista 


test  machines  this  year  —  or 
on  no  PCs  at  all. 

In  several  cases,  the  reasons 
extend  beyond  the  typical 
issues  that  delay  major  migra¬ 
tions.  High-profile  new  fea¬ 
tures  such  as  the  volume-acti¬ 
vation  and  product-validation 
tools  in  Vista  and  the  dramati¬ 
cally  different  user  interface  in 
Office  2007  are  causing  some 
IT  managers  to  think  hard 
about  their  upgrade  strategies. 

“The  new  UI  presents  a  sig¬ 
nificant  change-management 
issue  we  felt  we  couldn’t  absorb 
this  year,”  said  Charlie  Ward, 
an  enterprise  architect  at  Duke 
Energy  Corp.  So  the  Charlotte, 
N.C.-based  power  company 
will  delay  a  migration  to  Office 
2007  until  next  year.  Ward  said, 
even  though  it’s  anxious  to  take 
advantage  of  improved  col¬ 
laboration  capabilities  between 
the  desktop  applications  and 
Microsoft’s  SharePoint  Server 
software.  Duke  Energy  also 
expects  that  it  won’t  start  its 
separate  Vista  migration  until 
2008,  Ward  said. 

Yancey  Smith,  Office  group 
product  manager  at  Micro¬ 
soft,  said  the  new  Office  user 
interface,  which  is  called  Flu¬ 
ent,  was  designed  to  be  more 
intuitive.  The  company’s 
customer  research  shows  that 
83%  of  surveyed  users  think 
they  will  need  only  two  days 
to  two  weeks  to  learn  the  new 
interface,  and  85%  think  it  will 
improve  their  productivity,  ac¬ 
cording  to  Smith. 

More  Training  Needed 

But  IT  managers  such  as  Jim 
Prevo,  CIO  at  Green  Mountain 
Coffee  Roasters  Inc.  in  Water- 
bury,  Vt.,  fear  that  their  users 
will  need  more  training  than 
usual  on  Office  2007.  Prevo 
said  he  was  initially  stumped 
by  the  simple  task  of  opening 
a  file  when  he  installed  a  beta 
copy  of  the  desktop  suite. 

“I’m  a  geek  —  I  figure  things 
out  easily,”  he  said.  “Office 
2007  is  going  to  be  a  big  prob¬ 
lem  for  normal  people  unless 
we  give  them  some  training 
before  they  touch  it.”  As  a  re¬ 
sult,  upgrading  to  Office  2007 


f  Office  2007 
is  going  to  be 
a  big  problem  for 
normal  people  un¬ 
less  we  give  them 
some  training  before 
they  touch  it. 

JIM  PREVO.  CIO, 

GREEN  MOUNTAIN 
COFFEE  ROASTERS  INC. 


“isn’t  a  ‘slip  it  in  over  the  week¬ 
end’  kind  of  project,”  Prevo 
added.  He  said  he  expects  that 
no  more  than  5%  of  Green 
Mountain’s  PCs  will  be  run¬ 
ning  the  new  applications  by 
year’s  end. 

Other  executives  are  strug¬ 
gling  to  find  business  drivers 
for  migrations,  especially  if 
they  haven’t  bought  into  Soft¬ 
ware  Assurance,  the  Microsoft 
maintenance  program  that 
entitles  users  to  product  up¬ 
grades.  There  aren’t  “enough 
new  features  to  create  any 
ROI”  on  Office  2007,  said  Dale 


Frantz,  CIO  at  Auto  Ware¬ 
housing  Co.  in  Tacoma,  Wash. 

Many  users  cited  traditional 
concerns  about  upgrading 
to  Vista,  such  as  the  need  to 
test  applications  and  a  desire 
to  wait  for  bug  fixes  that  will 
be  in  Microsoft’s  first  service 
pack  release.  But  a  new  twist 
with  Vista  is  its  Software  Pro¬ 
tection  Platform  technology,  a 
set  of  built-in  antipiracy  and 
antitampering  tools.  SPP’s 
software  activation  and  valida¬ 
tion  mechanisms  are  making 
some  customers  uneasy. 

“I  understand  it  and  why  it’s 
necessary.  It,’s  an  unfortunate 
byproduct  of  dishonesty  in 
the  IT  world,”  said  Christo¬ 
pher  Pesola,  associate  direc¬ 
tor  of  application  services  at 
Learning  Care  Group  Inc.  in 
Novi,  Mich.  But,  he  added, 

SPP  “seems  a  little  too  com¬ 
plex,  and  I’m  sure  someone 
has  already  figured  out  a  way 
around  it  anyway.” 

Microsoft  has  said  that  Vista 
must  be  activated  and  pass  a 
validation  test  within  30  days 


of  installation,  or  else  the  op¬ 
erating  system  will  go  into  a 
reduced-functionality  mode. 

Volume-license  customers 
have  two  activation  options. 
Multiple  Activation  Keys  can 
be  used  for  individual  comput¬ 
ers  or  a  group  of  systems  that 
connect  to  Micro¬ 
soft  servers  over 
the  Internet  or  by 
telephone.  The 
other  choice  is  the 
Key  Management 
Service  (KMS),  an 
internally  hosted 
system  for  auto¬ 
matically  activat¬ 
ing  PCs  or  laptops. 

A  company  must 
have  a  minimum 
of  25  Vista-based 
machines  con¬ 
nected  together  to 
use  KMS,  and  the  PCs  must  be 
reactivated  at  least  every  six 
months. 

“It  simply  complicates  things 
for  us  without  any  quid  pro 
quo  benefit,”  said  George 
Defenbaugh,  manager  of  glob¬ 


al  infrastructure  IT  projects 
at  Hess  Corp.  in  Houston.  “All 
the  work  is  on  our  side;  all  the 
benefit  accrues  to  Microsoft.” 

When  Hess  upgrades  to 
Vista,  it  will  use  KMS,  which 
Defenbaugh  described  as  “the 
only  reasonable  answer  for  a 
global  company 
with  5,000  client 
machines.”  But 
an  upgrade  won’t 
happen  until  next 
year  at  the  earliest, 
he  said. 

The  activation 
requirement  “is 
probably  the  big¬ 
gest  reason  we  are 
still  considering 
not  going  to  Vista,” 
said  Joe  Hartman, 
an  application 
development  man¬ 
ager  at  HydroChem  Industrial 
Services  Inc.  in  Deer  Park,  Tex¬ 
as.  “The  whole  process  sounds 
like  a  nightmare.”  With  only 
three  tech  support  staffers,  he 
said,  any  added  burden  could 
“really  strain  our  resources.”  * 


m  In  this  issue;  Frank 
Hayes  envisions  a  sce¬ 
nario  iilustrating  why  it 
might  be  a  good  idea  to 
iet  one  or  two  trouble¬ 
some  users  become  Vista 
early  adopters.  Page  42 

H  For  full  Vista  coverage, 
including  hands-on  re¬ 
views,  how-to  articles  and 
more,  go  to  the  Windows 
Vista  A  to  Z  page  on  our 
Web  site:  computerworld. 
com/07/vlsta. 


Borland  Set  to  Unveil  New  ALM  Scheme,  Testing  Tool 


BY  HEATHER  HAVENSTEIN 

Borland  Software  Corp.  today 
plans  to  unveil  a  new  approach 
to  its  application  life-cycle 
management  business, 
called  Open  ALM,  and 
to  roll  out  a  new  prod¬ 
uct  designed  to  provide 
real-time  visibility  and 
software  quality  metrics 
for  each  phase  of  the  ap¬ 
plication  development 
process.  Tod  Nielsen,  presi¬ 
dent  and  CEO  of  Borland, 
and  Marc  Brown,  the 
company’s  vice  president 
of  product  marketing, 
discussed  the  announce¬ 
ments  in  an  interview 
with  Computerworld 
last  week. 


What  is  the  philosophy  behind 
Open  ALM,  and  how  does  it  meet  the 
demands  of  Borland  users? 

Nielsen:  A  year  ago,  we  an¬ 
nounced  our  double-down 
[bet]  on  the  ALM  marketplace. 
Customers  have  a  huge  pain 
point  with  their  software  de¬ 
livery  processes.  They  want 
to  turn  software  delivery  into 


a  managed  business  process 
instead  of  this  chaotic  thing 
they  have  going  on  now.  Open 
ALM  really  articulates  some 
of  the  core  values  we 
believe  are  important  to 
customers.  We  want  to 
make  sure  we  are  open 
to  any  particular  proc¬ 
ess  or  tools  process  ap¬ 
proach  that  they  take.  If 
they  use  any  [Borland] 
ALM  technology,  they 
are  not  forced  to  target 
Windows,  Java  or  any¬ 
thing  else. 

Brown:  If  we  look  at  how 
organizations  are  do¬ 
ing  software  delivery, 
they’re  really  struggling 
to  have  a  predictable 
and  managed  process.  We  are 
making  sure  that  our  Open 
ALM  platform  supports  any 
process  or  technology  they 
want  to  use  and  the  platform 
they  plan  to  deploy  their  ap¬ 
plications  on. 

Open  ALM  is  really  there 
to  help  automate  third-party 
or  open-source  data  collec¬ 


tions  to  drive  the  horizontal 
metrics  and  measurements 
that  organizations  need.  To¬ 
day,  organizations  can’t  man¬ 
age  what  they  can’t  measure. 

How  will  Borland’s  existing  prod¬ 
ucts  be  tailored  to  fit  into  the 
new  strategy?  Brown:  We  are 

continuing  to  build  out  the 
integration  for  all  our  prod¬ 
ucts  to  support  the  life-cycle 
activities.  [Our  products  need] 
to  give  organizations  either  a 
unified  ALM  report  or  dash¬ 
boards  so  they  can  get  those 
broader  life-cycle  views. 

What  do  you  mean  when  you  say 
that  the  broader  life-cycle  view  is 
kind  of  software  development  busi¬ 
ness  intelligence?  Brown:  One  of 
the  reasons  why  people  have 
not  talked  about  business 
intelligence  for  software  de¬ 
velopment  is  because  many 
technologies  [that  are]  used 
to  automate  those  processes 
collect  information,  hut  the 
information  is  housed  in  a  large 
range  of  disparate  data  islands. 
We’re  very  focused  on  what  the 


data  being  collected  across  the 
life  cycle  is.  Once  we  xmder- 
stand  that,  then  we  can  use  data 
warehouses  and  virtualization 
technology  to  bring  together 
the  data  that  is  being  collected 
[throughout]  the  life  cycle. 

What  is  Gauntlet,  the  product  that 
Borland  is  announcing  this  week? 
Brown:  Our  Lifecycle  Qual¬ 
ity  Management  [product]  is 
very  focused  on  addressing 
quality  assurance  across  the 
software  development  life 
cycle.  Gauntlet  extends  and  is  a 
complementary  technology  to 
that.  It  sits  on  top  of  a  version 
control  system,  and  it  monitors 
the  individual  assets  that  are 
being  checked  in  and  out  of  the 
version  control  system.  It  is  a 
way  to  automatically  inspect  an 
asset  for  a  particular  attribute 
like  a  security  vulnerability  or  a 
standard  code  violation.  Orga¬ 
nizations  now  have  a  very  good 
way  to  automate  a  number  of 
the  inspections  they  typically 
do  manually  today.  If  you  do 
see  a  deviation,  you  can  easily 
correct  that  in  real  time.  * 


TAKE  EVERYTHING  YOU  LOVE  ABOUT 
TECHNOLOGY  AND  MULTIPLY  IT. 


I 


TAKE  THE  POWER,  THE  PERFORMANCE,  THE 
ENERGY-EFFICIENCY,  THE  INNOVATION,  THE  FLEXIBILITY, 

THE  CONNECTIVITY,  THE  MOBILITY,  THE  SECURITY  - 
AND  MAXIMIZE  IT. 

NOW  TAKE  EVERYTHING  YOU  DON'T  LIKE  - 
THE  GOMPLEXITY  THE  LOUD  FANS,  THE  LAG  TIMES, 

THE  LOCKUPS,  THE  RUNAWAY  COSTS  -  AND  DELETE  IT 

IT'S  A  NEW  WAY  OF  COMPUTING  FOR  BUSINESS. 

AND  GREAT  BUSINESS  COMPUTING  STARTS  WITH  INTEL  INSIDE. 


Leap  ahead 


MULTIPLY  EVERYTHING  YOU  AND 
YOUR  COMPANY  CAN  DO. 


The  Intel*  Core™2  Duo  processor  delivers  record-breaking  performance,  unparalleled 
multi-tasking  capability,  and  improved  energy-efficiency.^  Utilizing  the  state-of-the-art  Intel* 
Core”  Microarchitecture,  it  can  easily  keep  pace  with  the  demands  of  21  st  century  business. 
Whatever  your  company's  needs,  Intel  Core  2  Duo  is  simply  the  performance  multiplier. 


MULTIPLY  SERVER  PERFORMANCE 

Fast.  Faster.  Quad-Core.  The  world's  first  quad-core  for  mainstream  servers,  the  Quad-Core 
Intel*  Xeon*  Processor  5300  series,  is  available  now.  Based  on  the  latest  Intel  Core 
Microarchitecture,  it  delivers  up  to  50%  more  performance^  within  the  same  power  envelope 
than  previous  Intel  Xeon  processors,  as  well  as  64-bit  capability  and  enhanced  virtualization 
capabilities.  It's  truly  the  ultimate  in  powerful,  dense  and  reliable  computing. 


MULTIPLY  LAPTOP  PERFORMANCE 

On  the  road?  Stay  on  your  game  with  Intel*  Centrino*  Duo  mobile  technology.  Featuring  two 
times  more  performance  while  using  less  energy,  Intel  Centrino  Duo  mobile  technology  with 
the  Intel  Core  2  Duo  processor  means  improved  battery-life,^  more  multi-tasking  capability, 
and  more  freedom.  You  go  farther,  and  so  can  your  business. 


MULTIPLY  DESKTOP  PERFORMANCE 

With  Intel®  vPro™  technology,  you  can  boost  security,  reduce  costly  deskside  visits,  and 
remotely  repair  PCs,  even  if  they're  powered  down.  Running  computing-intensive  64-bit 
applications  or  Microsoft*  Windows  Vista”  Premium?  Intel  vPro  technology  can  make  them 
blaze,  without  blazing  temperatures.  Featuring  the  energy-efficient  Intel  Core  2  Duo 
processor,  Intel  vPro  technology  delivers  40%  more  performance  with  reduced  power 
consumption,  so  you  multiply  your  productivity,  not  your  workload.'* 


The  story  doesn't  end  here.  Learn  even  more  about  how  Intel  Core  Microarchitecture  can 
multiply  your  business'  possibilities.  Visit  intel.com/multiply 
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Taiwan  Relaxes  Its 
Restrictions  on  China 

TOKYO 

AIWAN’S  GOVERNMENT  will  allow 
its  biggest  technology  companies 
to  invest  in  mainland  China,  but 
only  after  they  agree  to  make  equal  or 
better  investments  at  home,  a  govern¬ 
ment  minister  told  report¬ 
ers  here  last  week. 

“We  won’t  restrict  the 
investments  between 
Taiwan  and  mainland 
China,  but  [we  will]  try  to 
see  how  we  can  take  ad¬ 
vantage  of  the  economic 
relations  between  the  two 
sides,”  Jaushieh  Joseph 
Wu,  chairman  of  the 
government’s  Mainland 
Affairs  Council,  said  at  a 
news  conference  at  the 
Foreign  Correspondents’ 

Club  of  Japan. 

Late  last  year,  Taiwan  approved  re¬ 
quests  from  local  chip  makers  Powerchip 
Semiconductor  Corp.,  ProMOS  Technol¬ 
ogies  Inc.  and  Advanced  Semiconduc¬ 
tor  Engineering  Inc.  to  make  invest¬ 
ments  totaling  more  than  $800  million 
(U.S.)  in  factories  in  mainland  China. 

Those  moves  followed  negotiations 
between  government  officials  and  each 
company.  “When  they  are  willing  to 
put  $100  in  China,  we  are  asking  them, 
‘How  much  investment  are  you  willing 
to  put  in  Taiwan?’  ”  Wu  said.  “They 
have  to  come  up  with  some  promise, 
and  they  have  to  write  it  down.” 

■  MARTYN  WILLIAMS,  IDG  NEWS  SERVICE 

33%  Growth  Projected 
For  Indian  Outsourcers 

DELHI,  INDIA 

fl  NDIA’.S  SOFTWARE  and  services  ex- 
^  ports  are  expected  to  grow  by  33% 
to  more  than  $31  billion  (U.S.)  in  the 
fiscal  year  ending  March  31,  accord¬ 
ing  to  data  released  last  week  by  the 
National  Association  of  Software  and 
Service  Companies  (Nasscom). 

India’s  three  largest  outsourcing 
firms  —  Tata  Consultancy  Services 
Ltd.,  Infosys  Technologies  Ltd.  and 
vVipro  Ltd.  —  each  reported  strong  rev¬ 
enue  and  profit  growth  for  the  quarter 
that  ended  Dec.  31,  Nasscom  noted. 

The  country  is  on  course  to  achieve 
$60  billion  in  exports  by  2010,  the 
.Delhi-based  trade  organization  said. 


Nasscom  has  projected  exports  total¬ 
ing  $18  million  in  IT  services,  including 
software  development;  $8.3  billion  in 
business  process  outsourcing  and  call 
center  services;  and  $5  billion  in  engi¬ 
neering  services,  research  and  develop¬ 
ment  services,  and  product  develop¬ 
ment  work  during  the  fiscal  year. 

Employment  in  the  country’s  soft¬ 
ware  and  services  sector 
is  likely  to  reach  1.6  mil¬ 
lion  by  March  31,  up  from 
1.28  million  in  the  previ¬ 
ous  year,  Nasscom  said. 

The  organization  did 
warn  that  the  country 
must  improve  the  qual¬ 
ity  of  education  and  train 
more  staffers  in  order  to 
maintain  the  employment 
levels  needed  to  reach  the 
projected  total. 

■  JOHNRIBEIRO, 

IDG  NEWS  SERVICE 


Outsourcers  Unaffected 
By  Bangalore  Riots 

BANGALORE,  INDIA 

UTSOURCING  COMPANIES  here 
said  they  were  mostly  unaffected 
by  rioting  in  the  city  earlier  this 
month,  although  some  took  the  precau¬ 
tion  of  rerouting  staff  transportation 
routes. 

The  riots,  which  started  Friday, 

Jan.  19,  began  as  a  protest  of  the  hang¬ 
ing  of  former  Iraqi  President  Saddam 
Hussein  and  turned  violent  as  Muslims 
attacked  Hindu  establishments. 

On  Sunday,  Jan.  22,  a  Hindu  mob 
retaliated  against  Muslims  in  the  area. 
The  rioting  was  confined  to  a  volatile 
sector  of  downtown  Bangalore  where 
outsourcing  and  IT  companies  do  not 
have  operations,  observers  said. 

“We  are  working  as  usual,  and  our 
operations  were  not  affected,”  a  spokes¬ 
woman  at  Bangalore-based  Infosys  said. 

Staffers  traveling  to  work  at  out¬ 
sourcing  firm  iGate  Global  Solutions 
Ltd.  were  also  largely  unaffected  be¬ 
cause  most  arrived  before  rioters  got  to 
the  streets,  a  spokesman  said. 

Most  outsourcing  firms  offer  trans¬ 
portation  to  work  for  their  staffers,  and 
many  companies,  particularly  those 
doing  business  process  outsourcing, 
have  people  working  over  the  weekend. 
Many  used  alternate  routes  as  a  pre¬ 
caution  during  the  riots. 

■  JOHN  RIBEIRO,  IDG  NEWS  SERVICE 


Dutch  Prosecutors  Seek 
Prison  for  Botnet  Gang 

LONDON 

UTCH  PROSECUTORS  have  asked 
a  judge  to  jail  two  men  charged 
with  a  scheme  they  say  may  have 
infected  more  than  1  million  computers 
with  malicious  programs. 

Prosecutors  are  seeking  a  three-year 
prison  sentence  for  one  of  the  men 
and  a  two-year  sentence  for  the  other, 
said  Desiree  Leppens,  spokeswoman 
for  the  organized  crime  branch  of  the 
National  Public  Prosecution  Service  in 
Rotterdam,  the  Netherlands.  They  also 
recommended  that  each  pay  €30,000 
($38,000  U.S.)  in  fines,  she  said.  A 
judge  will  rule  on  the  case  on  Jan.  30. 
The  men  were  not  identified. 

Leppens  called  the  effort  the  larg¬ 
est  cybercrime  case  to  be  conducted 
in  the  Netherlands.  During  a  one-day 
trial  on  Jan.  16,  prosecutors  said  that  at 
least  50,000  computers  were  infected 
by  the  two  defendants,  who  are  20  and 
28  years  old.  The  pair  used  a  program 
called  Toxbot,  a  worm  that  can  be  used 
to  gain  remote  control  of  a  computer 
and  log  keystrokes,  prosecutors  said. 

■  JEREMY  KIRK,  IDG  NEWS  SERVICE 


HP  Opens  Research 
Laboratory  in  Russia 

ST.  PETERSBURG,  RUSSIA 

EWLETT-PACKARD  CO.  last  week 
opened  a  new  research  lab  here. 
The  laboratory  will  focus  on  in¬ 
formation  management  research,  said 
Beth  Keer,  director  of  the  Informa¬ 
tion  Services  and  Process  Innovation 
Lab  at  the  HP  Laboratories  operation. 
“There’s  a  lot  of  need  to  do  additional 
database  research,”  she  said.  “In  data 
mining  and  in  unstructured  data,  there 
are  challenges  in  understanding  what 
you  have  got.” 

Keer  noted  that  about  half  of  Russian 
university  students  choose  to  study 
mathematics  or  science.  “It’s  important 
for  us  to  be  where  that  talent  is,”  she  said. 

Keer  will  supervise  the  Russian  lab 
and  will  act  as  its  director  until  a  per¬ 
manent  one  is  appointed,  according 
to  HP.  The  company  is  also  recruiting 
researchers  for  the  new  lab,  which  will 
ultimately  employ  about  25  people, 

Keer  said. 

HP’s  largest  lab,  in  Palo  Alto,  Calif., 
employs  about  350  people.  Smaller  re¬ 
search  operations  are  located  in  Bristol, 
England;  Haifa,  Israel;  Tokyo;  Banga¬ 
lore;  and  Beijing,  Keer  said. 

■  PETER  SAYER,  IDG  NEWS  SERVICE 


Compiled  by  Mike  Bucken. 


Briefly  Noted 

Hedy  Holding  Co.  has  signed  an 
agreement  to  use  Advanced  Micro 
Devices  Inc.  microprocessors,  end¬ 
ing  the  Guangzhou,  China-based 
PC  manufacturer’s  policy  of  using 
only  chips  from  Intel  Corp.  Hedy  this 
month  brought  out  several  new  PCs 
based  on  AMD  chips  and  plans  to  add 
AMD-based  laptops  later  this  year. 

■  DAN  NYSTEDT,  IDG  NEWS  SERVICE 


BlueScope  Steel  Ltd.  in  Melbourne, 
Australia,  has  awarded  a  four-year 
contract  worth  $430  million  Austra¬ 
lian  ($379  million  U.S.)  to  Computer 
Sciences  Corp.  to  provide  consult¬ 
ing,  application  development  and 
support,  disaster  recovery,  systems 
integration  and  end-user  services 
over  multiple  platforms.  The  con¬ 
tract  extends  a  relationship  between 
BlueScope  and  CSC  that  began  in 
May  2000. 

■  DARREN  PAULI. 

COMPUTERWORLD  AUSTRALIA 


China  Mobile  Communications 
Corp.  last  week  agreed  to  purchase 

a  majority  stake  in  Pakte!  Ltd.  in 
Islamabad,  Pakistan,  from  Mil- 
licom  International  Cellular  SA  in 
Luxembourg.  The  deal,  valued  at 
$284  million,  includes  cash  and 
debt  payments  for  Millicom’s  88.9% 
stake  in  the  firm.  The  deal  marks 
Beijing-based  China  Mobile’s  first 
foray  outside  of  its  home  country. 

■  DAN  NYSTEDT  AND  JOHN  RIBEIRO, 
IDG  NEWS  SERVICE 


Jay  Y.  Lee  has  been  promoted  to 
chief  customer  officer  at  Samsung 
Electronics  Co.  In  the  newly  created 
position,  Lee,  son  of  Samsung  Group 
Chairman  Kun-Hee  Lee,  will  act  as 
a  bridge  between  Samsung  and  its 
most  important  customers  while 
working  to  form  alliances  with  cur¬ 
rent  and  prospective  customers,  the 
company  said. 

■  MARTYN  WILLIAMS, 

IDG  NEWS  SERVICE 


France  Telecom  SA  this  month 
moved  to  combine  its  15  worldwide 
research  centers  into  a  single  or¬ 
ganization  called  Orange  Labs.  The 
network  of  labs  unites  research  cen¬ 
ters  in  France,  China,  Japan,  Poland, 
South  Korea,  the  U.K.  and  the  U.S. 
France  Telecom  CEO  Didier  Lom¬ 
bard  said  the  combined  research 
unit  will  focus  its  work  on  telecom¬ 
munications  and  so-called  Web  2.0 
technologies. 

■  PETER  SAYER,  IDG  NEWS  SERVICE 


GLOBAL  FACT 


Number  of  Chinese  ci 


zens  who  gained  access 
to  the  Internet  during 
2006,  bringing  thelotaf 
number  of  internet  users 
in  China  to  137  million. 

SOURCE  CHINA  INTERNET 
NETWORK  INFORMATION 
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Giving  a  Chance 


the  blue  from  Jiten  Patel,  CIO  of  one 
such  organization  —  FINCA  Interna¬ 
tional  in  Washington.  Patel  was  eager 
to  make  us  at  Computerworld  aware  of 
FINCA’s  mission,  which  he  said  is  to 
“assist  the  underprivileged,  the  poor¬ 
est  of  the  poor  in  the  Third  World 
and  developing  countries  to  be  able 
to  stand  on  their  own  two  feet”  by 
means  of  microloans  of  $80  to  $200. 

“Most  of  the  people  we  lend  to 
happen  to  be  women,  which  speaks 
volumes  in  terms  of  the  impact  that 
has  on  a  child’s  mind  when  they  see 
their  mother,  sister  or  cousin  run¬ 
ning  a  micro-enterprise,”  Patel  said. 
“[That  will]  slowly  break  down  social 
taboos,  a  very  good  side  benefit.” 

By  the  way,  as  I  was  writing  this 
editorial,  I  took  a  quick  break  and 
loaned  $25  to  a  woman  in  Afghani¬ 
stan  named  Rohena  Faiz  Mohammad 
who  needs  $300  to  buy  beans  and 
peas  to  sell  on  the  street.  The  write¬ 
up  on  Kiva’s  Web  site  noted  that  it’s 
difficult  for  women  in  Afghan  society 
to  engage  in  a  business  like  this  and 
that  Rohena  is  struggling  to  over¬ 
come  that  obstacle. 

It  took  me  about  10  minutes  to 
make  the  loan.  It  was  worth  it. » 


Sometimes  it  gets  kind  of  depressing.  Cov¬ 
ering  the  stories  you  need  to  know  about  so 
you’re  up  to  speed  on  developments  that 
could  affect  your  job  and  the  technology 
you  use  to  do  it  can  be  a  bit  of  a  downer. 

You  didn’t  have  to  look  very  far  down  the  list  of  news 
stories  on  our  Web  site  last  week  to  get  a  feel  for  what 
I’m  talking  about:  “Storm  malware  shapes  up  as  worst 
‘weather’  in  years,”  “Breach  at  TJX  puts  card  info  at 
risk,”  “Chicago  Elections  Board  sued  over  data  breach,” 
“Don’t  fall  victim  to  the  ‘Free  Wi-Fi’  scam.”  It  was  a 
fairly  typical  week  with  plenty  of  not-so-good  news. 


Yet  something  hap¬ 
pened  that  set  last  week 
apart.  Amid  all  the  gloom, 
there  arose  a  buzz  in  the 
newsroom  about  a  story 
that  was  in  production  for 
this  week’s  issue.  “Have 
you  read  the  Kiva  story?” 
someone  would  ask. 

“Check  out  this  week’s 
cover,”  someone  else 
would  say.  “Is  that  cool  or 
what?” 

If  you  haven’t  read  it  - 

yet  and  you  could  use  a  boost,  turn 
to  page  31  and  read  the  story  titled 
“Game  Changer.”  It’s  about  Kiva 
(Swahili  for  “agreement”  or  “unity”), 
a  San  Francisco  start-up  that  uses 
Web  technology  to  give  people  in 
developing  countries  a  chance  at  a 
decent  livelihood  that  they  otherwise 
wouldn’t  have  had. 

The  small  band  of  game  changers 
at  Kiva  has  come  up  with  a  way  to 
enable  individuals  like  you  and  me 
to  easily  lend  as  little  as  $25  to  hard¬ 
working  people  who  are  trying  to 
make  a  go  of  a  business  venture.  You 
can  choose  to  help  fund  a  farmer  in 
Kenya  who  needs  $700  for  seed  and 
fertilizer,  or  perhaps  a  woman  in 
Ghana  whose  $625  loan  will  be  used 
to  expand  her  cornmeal  dumpling 
business.  In  any  case,  the  people  you 
help  are  approved  by  a  local  micro¬ 
financing  institution  that  you  other¬ 
wise  probably  wouldn’t  even  know 
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exists.  It’s  an  amazing 
setup,  and  one  that  has 
inspired  more  than 
26,000  people  world¬ 
wide  to  become  lenders 
since  the  nonprofit  Kiva 
was  incorporated  just  14 
months  ago. 

Interestingly,  I’ve 
come  to  find  out  that 
there  are  IT  leaders  who 
are  devoting  their  ca¬ 
reers  to  nonprofit  organi¬ 
zations  that  are  engaged 
in  this  sort  of  microfinancing  activity. 

By  sheer  coincidence,  a  couple  of 
weeks  ago  I  received  an  e-mail  out  of 


Us,  Not 
You,  for 
Person  of 
The  Year 

UT®  ANYBODY  making 
I  technology  and  access 
J^to  it  for  me,  and  not 
just  for  some  rich  kid?”  I 

overheard  a  young  student  ask.  At  the 
time,  I  was  in  the  classroom  at  Street 
Tech,  a  San  Francisco  Bay  area  tech¬ 
nology  training  and  job  placement 
program  for  low-income  and  under¬ 
served  adults. 

The  answer  is  complicated.  Or  is  it? 

Trickle-down  technology  is  a  fact 
of  life  in  the  U.S.,  just  as  are  trickle- 
down  employment,  housing  and 
wealth  distribution. 

Thankfully,  we  as 
a  nation  believe  in 
offering  a  safety  net 
to  keep  people  from 
slipping  over  the  edge 
entirely.  But  we  also 
harbor  a  competing 
set  of  beliefs  that  peo¬ 
ple  get  what  they  de¬ 
serve  and  that  work¬ 
ing  hard  entitles  one 
to  certain  “freedoms,” 
like  unlimited  wealth 
accumulation. 

What  if  technology 
could  help  us  to  move 
beyond  a  “to  the  victor  go  the  spoils” 
mentality?  What  if  we  all  had  similar 
access  to  the  tools  for  success  in  a 
world  that  is  being  rapidly  flattened, 
as  Thomas  Friedman  suggests,  by 
technology  changes?  That  flattening 
already  has  some  welcome  partners, 
like  municipal  and  community  wire¬ 
less  broadband  networks  that  are 
attempting  to  offer  free  and  low-cost 
Internet  access  to  everyone. 

Here  are  some  additional  things  we 
could  do: 

Simple,  affordable  tools.  While  we 
have  a  $100  laptop  in  production 
for  the  developing  world  and  break¬ 
through  cell  phone  technologies  be¬ 
ing  deployed  to  help  entrepreneurs 
in  poor  rural  communities  overseas, 
many  of  our  own  poor  are  being 
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overlooked  in  the  U.S.  For  example,  a 
cheap  mobile  device  could  go  a  long 
way  toward  keeping  a  homeless  person 
connected  to  social  services,  jobs  and 
people  in  a  position  to  help. 

School-  and  community-based  training. 
Our  public  schools,  nonprofits,  com¬ 
munity  centers  and  libraries  are  badly 
in  need  of  technology  training  curri¬ 
cula  and  programs  that  support  inno¬ 
vation  and  practical  training  for  future 
jobs.  Beyond  supporting  prison  reform 
and  expansion,  for  example,  shouldn’t 
we  also  be  thinking  about  training  as 
many  inmates  as  possible  for  the  21st 
century  workforce  while  they  are  in¬ 
carcerated? 

Community-based  research  and  devei- 
opment.  Beyond  designing  tools  and 
Web  2.0  services  for  high-end  consum¬ 
ers,  there  exists  a  tremendous  oppor¬ 
tunity  for  technology  businesses  to 
form  community-based  partnerships 


designed  locally  for  the  disadvantaged 
and  disabled.  This  will  open  up  new 
markets  and  encourage  innovation  on 
the  ground. 

Small-business  deveiopment.  Existing 
entrepreneurship  training  and  micro¬ 
enterprise  programs  could  be  expand¬ 
ed  to  include  Web  training  for  new 
entrepreneurs  and  local  merchants, 
utilizing  a  plethora  of  free  and  low-cost 
e-commerce  tools  now  available.  A 
virtual  economic  empowerment  zone 
could  be  established  to  support  strug¬ 
gling  entrepreneurs,  and  co-ops  for 
online  advertising  could  be  made  avail¬ 
able  to  local  merchants  to  bolster  local 
economic  development. 

Neighborhood  home  pages.  In  place 
of  generic  home  or  “splash”  pages  on 
computers  and  mobile  devices,  location- 
based  community  portals  could  be  de¬ 
veloped  and  managed  locally  to  feature 
neighborhood  events,  activities,  busi¬ 


nesses,  political  issues  and  people.  In 
this  way,  community  and  civic  ties  could 
be  strengthened,  new  social  networks 
formed  and  local  businesses  promoted. 

Fortunately,  there  are  already  a 
number  of  good  public  and  private 
resources  to  move  the  above  oppor¬ 
tunities  along.  These  include  founda¬ 
tions,  university-based  technology 
R&D  programs,  technology  companies, 
community  technology  programs  and 
a  variety  of  new  state  and  municipal 
digital  inclusion  task  forces  and  broad¬ 
band  deployment  committees. 

But  the  fact  remains  that  30%  of 
Americans  are  still  offline,  and  even 
many  who  have  some  access  are  too 
far  behind  the  technology  learning 
curve  for  it  to  matter.  Even  in  our  most 
wired  cities,  many  people  do  not  have  a 
computer  and/or  Internet  access  in  the 
home;  in  San  Francisco,  more  than  40% 
in  the  poorest  neighborhoods  don’t.  Yet, 


in  a  March  2006  survey  conducted  by 
the  Full  Circle  Fund  in  San  Francisco, 
80%  of  low-income  residents  indicated 
that  they  would  be  interested  in  pur¬ 
chasing  a  computer  for  $300,  and  nearly 
three  quarters  said  they  would  take 
advantage  of  free  computer  and  Internet 
training  classes  if  offered. 

So  if  2006  was  the  year  when  “You” 
were  recognized  as  Time's  Person  of 
the  Year  because  of  your  technology- 
enabled  capabilities,  how  about  making 
2007  the  Year  of  Us  by  putting  technol¬ 
ogy  to  even  better  use  —  leveling  the 
playing  field  for  everyone? 

In  so  doing,  we  can  finally  have  a 
good  answer  to  the  question  posed  by 
that  young  man.  * 


OMore  columnists  and  links  to  archives  of  previous 
columns  are  on  our  Web  site: 
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Five  Men  Weigh  in 
On  Women  in  IT 

Don  TENNANT  is  concerned 
about  the  falling  percentage  of 
women  in  IT  ["The  Darkening  Mine," 
Editorial,  Nov.  20].  However,  there's 
a  very  simple  explanation,  and  one 
that  few  men  would  ever  consider: 
On  average,  women  are  smarter 
than  men,  and  thus  more  likely  to 
see  career  disasters  looming  ahead. 
Ergo,  women  are  abandoning  IT  so 
that  they  will  not  be  square  in  the 
path  when  the  next  career  disaster 
strikes,  as  it  did  when  the  dot-com 
bubble  burst.  No,  I  don’t  know  what 
the  next  disaster  is;  if  I  did.  I’d  be  a 
woman,  wouldn’t  I? 

RichTietjens 

IT  technician  and  training 
director,  Oregon 


The  people  on  the  “bought 
off"  side  of  the  equation  (those 
with  better  money  and  conditions) 
think  that  it  will  cost  them  to  share. 
Hence  the  kicking  and  screaming. 
The  big  secret  is  that  diversity  brings 
far  greater  value  than  the  cost  of 
letting  it  in. 

That  12%  differential  is  what  we 
men  get  paid  in  lieu  of  working 
equally  with  women.  It’s  the  bonus 
for  ignoring  the  thinking,  experience 
and  wisdom  of  half  the  human  race. 
Our  day-to-day  lives,  our  jobs  and 
the  future  of  our  industry  will  be  pro¬ 


foundly  better  if  we  bring  in  those 
other  insights  and  perspectives. 

Frank  Pinto 

Davis,  Calif. 


■  TEND  TO  agree  with  the  reader 
who  used  the  coal  mine  analogy. 
Not  that  IT  can  really  be  compared 
to  such  a  dangerous  and  dirty  job, 
but  the  hours  one  has  to  put  into  it 
are  impossible  to  bear  if  you  want 
to  have  a  family.  Most  of  the  women 
I  have  seen  succeed  in  IT  were  the 
ones  who,  for  whatever  reason, 
decided  not  to  marry;  the  others  had 
very  strong  family  support.  Who  is 
to  blame?  I  do  not  know,  but  I  have 
worked  in  two  different  countries, 
and  I  have  noticed  that  when  a  com¬ 
pany  can  get  away  with  overworking 
its  IT  employees,  you  see  a  lot  of 
women  leaving  as  soon  as  they  can. 
Unfortunately,  most  of  the  U.S.  is 
such  a  place. 

Hilton  Lima 
IT  supervisor, 

Miami 


AM  A  fourth-generation  coal 
miner  who,  after  16  years,  was 
forced  to  leave  the  mines  due  to  an 
accident.  I  returned  to  college  and 
sat  across  the  aisle  from  my  old¬ 
est  daughter  in  Calc  1. 1  decided  to 
major  in  computer  science  because 
I  thought  the  industry  could  sustain 
me  until  retirement.  I  graduated  in 
1995  and  have  now  moved  to  the 


top  seat  in  my  department,  which  is 
50%  female.  Most  would  probably 
leave  if  they  married;  that’s  a  taboo 
subject,  though  it’s  one  that  cannot 
be  ignored  by  management.  Women 
have  traditionally  been  the  ones  to 
suspend  work  outside  the  home  to 
raise  the  kids,  and  if  they  ever  return, 
their  skill  set  is  antiquated.  Another 
reason  women  are  paid  less?  When 
a  couple  both  seek  jobs,  the  com¬ 
mon  path  is  that  they  will  move  to 
follow  his  job  offer.  The  woman,  left 
to  find  empioyment  in  the  city  of 
the  man’s  choice,  often  has  to  take 
less  pay  than  she  might  otherwise, 
or  even  empioyment  in  another 
field.  This  is  not  discrimination;  her 
pay  is  less  because  she  took  what 
was  available  rather  than  moving 
to  where  she  could  obtain  the  most 
remuneration  for  her  services. 

E.  Moore 
IT  manager, 

Altoona,  Pa. 


OUT  OF  42  IT  professionals 
that  I  manage,  five  are  women, 
and  they  definitely  are  the  cream  of 
the  crop.  I  would  love  to  see  more 
women  In  the  profession,  but  the  IT 
world  being  what  it  is,  I  wonder  not 
why  there  aren’t  more  of  them,  but 
rather  why  there  are  so  many. 
GuyPisapia 

Regional  administrator  IMS, 
Correctional  Service  Canada, 
Laval,  Quebec 


Destroy  the  Data, 
Save  the  Hardware 

Concerning  THE  story’’Top 
Tips  on  Destroying  Data  on  Your 
Hard  Drives"  [Computerworld.com, 
Dec.  20],  piease  don’t  teil  people  to 
destroy  perfectly  good  hardware  and 
put  valuable  raw  materials  into  land¬ 
fills.  Call  a  data  recovery  specialist 
and  ask  what  he  can't  do  to  recover 
data.  He  wili  probably  be  happy  to 
tell  you  the  limitations  of  his  service 
and  what  makes  a  truiy  inert  drive.  I 
don’t  believe  you  shouid  advocate 
data  security  by  the  blunt-force  trau¬ 
ma  of  a  sledgehammer.  Shredding 
plastic  disks  is  OK.  although  even 
that  should  be  left  to  the  competent 
and  careful.  Burning,  acid  baths  and 
melting  just  make  a  mess  for  future 
generations  and  wildlife. 

Ken  Lauderdale 
Flight  test  engineer, 

Lexington  Park,  Md. 

Common  Sense 

Again,  irawinker’s  com¬ 
mon  sense  cuts  through  a  lot 
of  the  irrational  fears  regarding  the 
question  of  privacy  vs.  security 
[“Why  the  DHS’s  Automated  Target 
System  Makes  Sense,"  Computer- 
world.com,  Dec.  19].  Yes,  we  need  to 
be  wary  of  government,  but  I  would 
rather  have  Big  Brother  looking  over 
my  shoulder  than  some  nut  case 
with  explosive  shoes  sitting  next  to 


me.  Just  goes  to  show  you,  common 
sense  ain’t  all  that  common.  Thanks 
to  Ira  for  being  one  of  the  uncom¬ 
mon  ones. 

Tom  Barth 

Milwaukee 


One  Job?  No  Red 
Flag  for  This  Reader 

IN  THE  ARTICLE  “Five  Tips  for 
R6sum6s  When  You  Can  List 
Only  One  Employer"  [Computer- 
world.com,  Dec.  19],  this  situation 
is  called  a  “red  flag"  But  when  I  get 
a  rdsumb  from  someone  who  has 
stayed  with  a  company  for  many 
years,  I  see  loyalty  and  a  person 
likely  to  go  the  extra  mile.  In  these 
times  of  people  shifting  jobs  be¬ 
cause  of  trivial  complaints,  getting 
the  opportunity  to  hire  a  person  who 
was  with  one  company  for  many 
years  seems  like  a  chance  to  retain 
a  loyal  and  reliable  employee. 

Lewis  Talber 


COMPUTERWORLD  welcomes  com¬ 
ments  from  its  readers.  Letters  will 
be  edited  for  brevity  and  clarity.  They 
should  be  addressed  to  Jamie  Eckle, 
letters  editor,  Computerworld,  PO  Box 
9171, 1  Speen  Street,  Framingham, 
Mass.  01701.  Fax;  (508)  879-4843. 
E-mail;  letters®computerworld.com. 
Include  an  address  and  phone  num¬ 
ber  for  immediate  verification. 
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QUICKSTUDY 

Color  Temperature 

Color  temperature,  a  way  of  measuring 
the  color  quality  of  white  light,  is  impor¬ 
tant  in  the  design  and  use  of  computer 
monitors  and  digital  cameras.  PAGE  28 


SECURITY  MANAGER’S  JOURNAL 

GettinoCertified  and 
Just  a  Dit  Certifiable 

CCSP  boot  camp  is  grueling,  C.J.  Kelly 
reports.  But  off-site  training  is  the  surest 
way  to  block  out  distractions.  PAGE  29 


OPINION 

It’s  Time  to  Forge  Global  Privacy  Rules 

Jay  Cline  says  the  time  is  ripe  for  a  global  privacy 
standard  to  replace  the  hodgepodge  of  rules  that 
multinational  businesses  must  cope  with.  The  first 
step  is  to  agree  on  what  privacy  really  means.  PAGE  30 


HEN  Coast  Mountain  Bus  Co. 
decided  10  years  ago  to  invest 
in  enterprise  asset  manage¬ 
ment  (EAM)  software,  even 
the  executive 

who  approved  the  purchase 
could  not  have  foreseen  how 
valuable  it  would  turn  out 
to  be.  Back  in  1996,  the  Sur¬ 
rey,  British  Columbia-based 
company  needed  EAM  to 
help  track  maintenance  work  ^ 

orders  for  the  fleet  of  buses  it 
supplies  to  the  Greater  Van¬ 
couver  Transportation  Authority. 

Data  was  scattered  across  12  different  mainframe 
and  PC-based  systems,  making  it  difiicult  for  me¬ 
chanics  to  get  a  handle  on  repeat  problems. 

So  Coast  Mountain  Bus  bought  software  from 
Datastream  Systems  Inc.,  now 
owned  by  Infor  Global  Solu¬ 
tions.  The  software  tracks 
1,100  buses  and  their  more 
than  25,000  components.  It 
also  schedules  repairs  and 
links  to  GPS  data  for  efficient 
dispatching  of  mechanics. 

Cost-justifying  the  pur¬ 
chase  was  a  cinch:  Thanks  to 
Datastream’s  central  repository  of  repair  and 
maintenance  information,  the  company  has 
already  saved  $1  million  in  parts  warranty 
claims  —  “found  money”  that  previously 
would  have  been  left  on  the  table. 


But  why  stop  at  tracking 
buses?  The  company  says 
it  plans  to  expand  its  use  of 
Datastream.  “We  can  use  it 
for  buses,  IT  assets,  buildings,” 
says  Jeff  Vogstad,  manager 
of  client  solutions  at  Coast 
Mountain  Bus.  “It  not  only 
tracks  asset  performance;  it 
also  tracks  inventory,  purchas¬ 
ing,  requisitions,  scheduling  of 
labor  —  it’s  all  done  in  the  product.” 

Classic  EAM  has  been  used  for  decades  in 
heavy  industries  such  as  manu¬ 
facturing,  oil  and  gas,  mining 
and  power  generation  to 
wring  every  drop  of  utiliza¬ 
tion  out  of  production  equip¬ 
ment.  In  those  markets,  the 
cost  of  unexpected  downtime 
can  reach  millions  of  dollars 
per  hour,  and  worker  safety 
is  at  stake.  To  avoid  such  prob¬ 
lems,  companies  bought  software  from  ven¬ 
dors  such  as  MRO  Software  Inc.  (recently 
acquired  by  IBM),  Datastream  and  Indus 
International  Inc. 

A  typical  EAM  system  catalogs  and  mod¬ 
els  assets  and  then  automates  work-order 
processing  and  the  tracking  of  unexpected 
downtime  and  planned  maintenance.  Ad¬ 
vanced  EAM  applications  feature  predictive 
maintenance  tools,  which  check  the  asset’s 
Continued  on  page  26 


Enterprise  asset  management  isn’t  just  for  heavy  industry  anymore. 
Today,  CDs  in  many  sectors  can  combine  software,  wireless  networks  and 
sensors  to  keep  tabs  on  all  kinds  of  assets. 
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The  AMD  Opteron"' 
processor  provides 
industry-leading 
performance. 


AT  LAST,  A  LESS  COMPLEX  WAY 
TO  BUILD  YOUR  EMPIRE. 


INTRODUCING  THE  NEW  DELL"  POWEREDGE"  6950  SERVER. 

Meet  the  new  4-socket  Dell  PowerEdge  6950  server.  It’s  ideal  for  your 
big  business,  since  it’s  primed  to  handle  all  your  mission-critical 
database  and  virtualization  apps.  And  Dell  tests  leading  operating 
systems  and  applications  on  its  servers  to  help  ensure  seamless 
productivity.  So  the  sky  is  no  longer  the  limit.  Business  solutions 
designed  with  one  company  in  mind.  Yours. 
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Continued  from  page  24 

condition  (or,  more  likely,  the  condition  of  one  of  its 
components)  to  determine  if  maintenance  is  required. 

Now,  the  scope  of  EAM  has  widened  to  include 
cutting-edge  applications  —  for  virtually  every  in¬ 
dustry  —  that  use  sensors  to  add  remote  monitoring 
capabilities  to  the  mix.  The  railroad  industry,  for 
example,  is  experimenting  with  technology  that  can 
track  the  status  and  condition  of  goods  in  transit. 
Aircraft  makers  have  started  to  use  technology  that 
can  monitor  the  condition  of  each  component  of  a  jet 
engine,  flagging  wear  on  a  bearing,  for  example,  that 
could  lead  to  disaster  if  not  addressed. 

EAM’s  broader  reach  is  the  result  of  an  expanding 
definition  of  the  term  asset.  “Almost  anything  could  be 
an  asset.  There  are  financial  assets,  knowledge  assets, 
people  assets,  fixed  assets,  capital  assets,”  says  Hough¬ 
ton  LeRoy,  an  analyst  at  ARC  Advisory  Group  Inc.  in 
Dedham,  Mass.  “Assets  are  anything  of  value  to  you.” 

“It’s  all  about  the  asset.  You  need  to  know  where  it 
is,  what  state  it’s  in  and  whether  you  need  to  do  some¬ 
thing  about  it,”  adds  Alison  Smith,  an  analyst  at  AMR 
Research  Inc.  “Whether  you’re  talking  about  a  freight 
car,  a  building’s  HVAC  system,  a  computer  network, 
a  factory  floor,  a  container  of  oranges  being  shipped 
from  Mexico  to  New  York,  or  tissue  samples  going 
from  a  hospital  to  a  lab,  the  bottom  line  is  there  is  a 
need  to  track  and  understand  the  state  of  those  assets.” 

Though  EAM  technology  is  unquestionably  mature, 
its  adoption  has  been  hindered  by  a  culture  that  settles 
for  reactive,  rather  than  proactive,  maintenance,  ac¬ 
cording  to  Patrick  Connaughton,  an  analyst  at  Forrest¬ 
er  Research  Inc.  Industries  other  than  manufacturing 
are  for  the  most  part  stuck  in  firefighting  mode. 

Asset  management  silos  also  present  a  problem. 
Most  large  EAM  users  have  multiple  departmental  or 
localized  EAM  systems.  “Even  the  largest  companies 
are  still  trying  to  centralize  the  management  of  all 
their  assets  and  get  a  centralized  view,”  says  Con¬ 
naughton.  Enterprise-level  reporting  of  asset  perfor¬ 
mance  is  the  key  to  unlocking  the  real  value,  he  adds. 
“It’s  about  seeing  a  picture  of  your  assets  in  their  cur¬ 
rent  state,  in  their  current  value,  across  all  different 
locations  and  geographies,”  he  explains. 

Broader  Applications 

In  addition  to  manufacturers,  transportation/logistics 
providers  were  also  early  EAM  adopters,  using  the 
software  to  track  on-the-go  assets  instead  of  fixed  as¬ 
sets.  “There  is  overlap  between  EAM  and  what’s  typi¬ 
cally  referred  to  as  fleet  management  and  tracking,” 
says  Connaughton.  Traditional  EAM  vendors  have  en¬ 
tered  the  fleet-tracking  business  as  a  natural  extension. 

“They’re  starting  to  cross  over  into  telematics  —  the 
ability  to  monitor  things  like  the  temperature  and 
vibration  levels  —  thanks  to  sensors  placed  within  a 
truck  or  a  trailer,”  he  adds.  These  systems  can  also  be 
tied  to  GPS  tools  to  track  the  locations  of  trucks. 

This  opens  up  the  potential  for  interesting  applica¬ 
tions,  especially  in  “cold  chain”  distribution,  or  the 
fresh-food  supply  chain.  For  example,  if  a  lettuce  sup¬ 
plier  buys  from  growers  in  Nicaragua,  it  could  use 
advanced  fleet  tracking  to  monitor  the  temperature  in 
the  body  of  the  truck  to  be  sure  the  logistics  provider  is 
meeting  service-level  agreements  (SLA).  If  it  turned  out 
the  trucks  weren’t  kept  at  the  proper  temperature,  the 
supplier  would  know  in  advance  that  the  goods  might 


An  Application 
Sampler 

Here  are  examples  of  ways  that 
networks  of  wireless  sensors  can  be 
used  in  various  industries. 


■  Track  the  loca¬ 
tion  and  condition 
of  goods  traveling 
on  the  nation’s  1.6 
million  rail  cars. 


■  Analyze  real-time  data  from 
sensors  located  on  city  buses  to 
predict  equipment  failures  be¬ 
fore  they  occur.  The  sensor  data 
is  transmitted  via  satellite. 


■  Monitor  the 
location  of  IV 
machines  and 
wheelchairs  in 
a  hospital. 


■  Check  a  commercial 
building’s  tempera¬ 
ture  and  energy  usage 
via  a  remote  handheld 
device. 


be  spoiled  and  would  have  time  to  make  alternate  plans. 
This  could  be  a  huge  boon  to  an  industry  where  wasted 
goods  represent  a  very  expensive  problem. 

Such  monitoring  could  improve  public  safety,  too, 
says  Smith.  In  the  not-so-distant  future,  she  says,  it 
may  be  possible  to  monitor  trucks  or  storage  facilities 
for  the  presence  of  bacteria  and  other  undesirable  or¬ 
ganisms.  Growers  might  be  able  to  prevent  problems 
like  E.coli  outbreaks. 

The  telecommunications  industry  is  the  second- 
biggest  EAM  user  behind  manufacturing,  according 
to  Connaughton.  “They  use  it  to  track  the  light  poles, 
the  telecom  infrastructure  that  is  underground,”  he 
says.  “They  integrate  the  systems  with  [geographic 
information  systems]  so  they  can  map  out  what  the 
infrastructure  looks  like.” 

Asset  management  systems  can  also  help  mainte¬ 
nance  crews  do  triage  to  identify  the  biggest  problems. 

The  Clark  County  School  District  in  Las  Vegas 
went  live  last  summer  with  an  implementation  of 
MRO  Software’s  Maximo  EAM  package.  The  district 
uses  Maximo  to  track  building  assets  at  326  school 
facilities  housing  more  than  300,000  students  in 
8,000  square  feet  of  space.  Public  safety  was  the  most 
pressing  driver  for  buying  the  technology,  according 
to  Randy  Shingleton,  director  of  maintenance. 

“If  we  have  a  fire  or  a  major  power  outage,  that  is  a 
critical  outage.  If  the  air  conditioning  shuts  down  in  the 
middle  of  June  when  it’s  120  degrees,  the  health  depart¬ 
ment  will  shut  us  down.  You  want  to  fix  that  more  than 
the  backed-up  toilet  20  miles  away,”  says  Shingleton. 

The  district’s  previous  homegrown  mainframe  system 
had  no  way  to  prioritize  work  orders.  The  old  system 
also  allowed  a  work  order  to  go  unnoticed  if  the  person 
to  whom  it  was  assigned  happened  to  be  out  of  the  olfice. 

“The  new  system  allows  us  to  automatically  forward 


Maintenance  Evolution^ 


If  it  breaks,  they  fix  it. 


© 

© 


They  do  scheduled  maintenance  on  the  asset 

(such  as  changing  the  oil  in  a  car  every  3,000  miles). 


They  do  preventive  maintenance  based  on 
knowledge  about  the  condition  of  the  asset  as 
reported  by  a  sensor.  This  saves  time  and  money  by 
avoiding  unnecessary  scheduled  maintenance.  ^ 


[the  work  order]  to  someone  else,”  he  says.  Maximo 
tracks  how  long  it  takes  for  the  maintenance  crew  to 
respond  to  problems  of  all  types.  Level  1  problems, 
the  most  serious  type,  must  be  addressed  within  four 
hours.  With  Maximo,  Shingleton’s  team  can  show  that 
average  response  time  has  been  much  shorter  than  that. 
“It’s  the  first  time  we  have  been  able  to  prove  that  we 
are  responding  better  than  our  SLAs  [require],”  he  says. 

Sensors  on  the  Scene 

Some  of  the  most  exciting  new  EAM  applications  are 
based  on  sensors  for  remote  monitoring.  In  an  indus¬ 
trial  environment  such  as  a  warehouse,  gas  pipeline 
or  oil  drilling  station,  it  would  be  impractical  to  use 
cable  to  connect  sensors  on  each  asset.  Wireless  is 
the  only  way  to  go  for  these  types  of  applications. 

Radio  frequency  identification  (RFID)  technology 
could  be  used  in  such  settings,  but  it’s  not  the  only  op¬ 
tion.  Mesh  networking  technology  could  also  be  used.  A 
mesh  network  is  a  series  of  low-power  “motes,”  or  radio 
transmitters,  that  are  connected  wirelessly.  “You  take 
a  load  of  these  little  sensors,  and  you  distribute  them  in 
a  particular  area  so  they  can  talk  to  each  other  and  de¬ 
cide  how  to  communicate,”  says  Smith.  The  oil  and  gas 
industry  is  an  early  adopter  of  mesh  networking. 

The  potential  for  wireless  sensor  networks  is  lim¬ 
ited  only  by  the  imagination.  Connaughton  cites  a 
hospital  doing  a  pilot  project  to  manage  intravenous 
machines  and  wheelchairs. 

“They’re  setting  up  a  wireless  network  in  the  hospi¬ 
tal  and  tagging  the  assets  with  an  RFID  tag.  They  can 
track  the  asset  and  see  where  it  is,”  says  Connaugh¬ 
ton.  “There  is  so  much  redundancy  in  hospitals  today. 
There  are  a  lot  of  assets  within  a  hospital  that  are  not 
tracked  closely.  [Tracking]  helps  with  optimizing  the 
inventory  levels  in  the  hospital  and  as  well  as  theft 
reduction.  Both  help  cut  costs.” 

Several  decades  after  it  was  invented,  EAM  tech¬ 
nology  is  being  used  far  and  wide,  in  environments 
that  were  unforeseen  just  a  few  years  ago.  CIOs  con¬ 
templating  a  first  step  into  the  world  of  asset  man¬ 
agement  should  “look  at  it  as  more  of  an  enterprise 
challenge  as  opposed  to  a  one-off  Band-Aid  solution,” 
advises  ARC’S  LeRoy.  “If  a  CIO  is  looking  to  become 
more  efficient  in  his  operations  and  improve  the  over¬ 
all  bottom  line,  EAM  is  one  strategy  that  has  a  lot  of 
impact.”  With  the  new  wireless  sensor  applications, 
that  is  more  true  today  than  ever  before.  * 


Gibbons  Paul  is  a  freelance  writer  in  Waban,  Mass. 
She  can  be  reached  at  lauren.paul@comcast.net. 
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Color 

Temperature 


DEFINITION 

Color  temperature  is  a  way  of  mea¬ 
suring  (in  units  derived  from  the 
Kelvin  temperature  scale)  and  de¬ 
scribing  the  color  quality  of  white 
light  by  comparing  it  to  a  theoreti¬ 
cal  black  body  heated  to  a  specified 
temperature  on  the  Kelvin  scale. 

It’s  important  in  the  design  and  use 
of  computer  monitors,  solid-state 
displays  and  digital  cameras. 
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BY  RUSSELL  KAY 

WHAT  COLOR  is 
white?  From  a 
physics  point  of 
view,  white  light 
is  what  our  eyes  see  as  a  com¬ 
posite  mixture  of  the  full  spec¬ 
trum  of  visible  light.  As 
the  sum  of  all  the  other 
colors,  white  can  ap¬ 
pear  in  myriad  subtle 
hues,  ranging  from  red 
to  ivory  or  cream  to  yel¬ 
low  to  blue.  Yet  our  eyes  tend 
to  see  any  naturally  bright 
light  source  that’s  not  filtered 
as  just  white,  with  little  sense 
that  it  includes  more  or  less  of 
certain  parts  of  the  spectrum. 

In  this  day  of  relatively 
smart  digital  cameras  and 
Photoshop  image  manipula¬ 
tion,  it’s  easy  to  forget  how 
much  our  brains  depend  on 
whites  looking  white  to  make 
all  the  other  colors  appear  cor¬ 
rect.  Yet  color  matching,  or 
color  accuracy,  is  important 
for  visual  comfort.  Every  time 
we  use  a  computer  monitor, 
take  a  picture  or  look  at  a  pho¬ 
tograph,  our  brains  adjust  the 
colors  we  see  so  that  they  look 
the  way  we  think  they  ought 


to.  Color  temperature  is  a  use¬ 
ful  way  to  describe  the  white¬ 
ness  of  white  light,  especially 
when  comparing  one  light 
source  to  another. 

Here’s  how  two  such  seem¬ 
ingly  disparate  and  unrelated 
concepts  as  color  and 
temperature  unite  in  a 
single  descriptor:  Let’s 
create  a  very  special 
light  bulb  by  imagin¬ 
ing  a  theoretical  black 
object  that’s  really  cold:  it’s 
sitting  at  a  temperature  of  ab¬ 
solute  zero,  273  degrees  below 
zero  Celsius,  -459.6  Fahrenheit. 
Because  absolute  zero  is  our 
primary  reference,  we’ll  use 
the  Kelvin  scale,  which  has  the 
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same  intervals  as  Celsius  but 
begins  with  0  at  absolute  zero. 

It  doesn’t  matter  what  this 
black  thing  is  made  of  because 
it  can’t  be  seen.  We  call  it 
black  because,  by  definition, 
black  absorbs  all  light  that  hits 
it.  If  this  body  is  in  balance 
with  its  surroundings,  it  will 
radiate  back  the  same  amount 
and  type  of  energy  that  strikes 
it.  This  state  of  equilibrium 
is  called  black  body  radia¬ 
tion.  When  the  black  body  sits 
there  at  0  degrees  Kelvin  with 
no  energy  coming  into  it,  it’s 
emitting  no  light,  so  it’s  not 
possible  to  see  anything. 

If  we  heat  up  this  black  body, 
we  see  it  beginning  to  glow 
with  a  dim,  reddish  appear¬ 
ance.  As  the  heat  increases, 
the  color  changes,  appearing 
first  dark  red  then  yellow, 
moving  through  the  visible 
colors  of  the  spectrum  until  it 
reaches  blue  and  violet.  As  the 
object  changes  color,  it  also 
appears  brighter,  since  more 
heat  is  being  pumped  in  and 
a  greater  amount  of  energy  is 
being  radiated  out  while  its 
color  is  getting  bluer;  we  in¬ 
terpret  this  energy  increase  as 
brightness.  At  the  middle  and 
higher  ends  of  the  visible  light 
scale,  the  body  appears  white 
to  us;  our  eyes  and  brain  can’t 
easily  distinguish  subtle  dif¬ 
ferences  at  such  light  levels. 

When  our  black  body  reach¬ 
es  2,800  degrees  K,  it  looks  like 
a  normal  incandescent  lamp. 

At  5,000  degrees,  the  quality  of 
its  light  is  akin  to  a  sunlit  sum¬ 
mer  day.  Using  the  color  tem¬ 
perature  scale,  we  characterize 
a  typical  tungsten-filament 
light  bulb  as  having  a  color 
temperature  of  2,800  Kelvin 
(for  simplicity’s  sake,  we  drop 
the  word  degrees  when  talking 
color  temperature).  Note  a  real 


Adjusting  the  White  Balance 

Most  modern  computer  monitors  have  provisions  for  chang 
ing  the  white  balance  of  the  displayed  image.  Somewhere  on 
their  adjustment  menus  is  the  option  to  choose  a  white  bal- 


Most  modern  computer  monitors  have  provisions  for  chang¬ 
ing  the  white  balance  of  the  displayed  image.  Somewhere  on 
their  adjustment  menus  is  the  option  to  choose  a  white  bal¬ 
ance  such  as  5,000K,  6,500K  or  9,300K.  Which  one  you  use  is  a  matter 
of  personal  preference,  unless  you  need  to  match  colors  from  different 
sources.  For  example,  let’s  say  you’ve  created  a  layout  on-screen  using 
Adobe  InDesign  and  want  to  compare  it  to  a  proof  printed  on  paper.  Most 
graphic  arts  production  services  have  specialized  viewing  areas  with  color- 
temperature-controlled  lights  (typically  5,000K  or  6,500K).  If  you  use  this 
along  with  a  display  monitor  set  for  the  same  color  temperature,  you  can 
be  sure  to  accurately  see  any  differences  between  the  printed  proof  and 
the  monitor  image.  Similarly,  digital  cameras,  DVDs  and  Web  graphics  are 
normally  designed  for  a  6,500K  white  point. 

-RUSSELL  KAY 


distinction  here:  We  aren’t  say¬ 
ing  the  filament  is  operating 
at  a  temperature  of  2,800  de¬ 
grees  K;  we’re  merely  describ¬ 
ing  the  color  quality  of  the 
light.  Similarly,  we’ve  set  the 
standard  reference  for  daylight 
at  5,000  Kelvin,  regardless  of 
the  sun’s  actual  temperature. 

Balance  the  White 

That  would  be  sufficient  if 
all  our  light  came  from  heat¬ 
ing  something  that  emits 
the  entire  visible  spectrum, 
such  as  a  burning  match  or  a 
standard  light  bulb.  But  many 
light  sources  don’t  emit  the 
entire  visible  spectrum.  Some 
frequencies  (and  colors)  are 
missing  entirely,  while  other 
frequencies  show  large  spikes. 

Such  nonblack  body  sources 
include  fluorescent  tubes,  LEDs, 
and  the  sodium  vapor  lamps 
used  outdoors. 

We  can’t  directly  or  accu¬ 
rately  use  color  temperature 
to  describe  the  light  from  such 
sources.  Instead,  we  measure 
the  relative  amounts  of  red, 
green  and  blue  light  these 
sources  emit  and  calculate  a 
correlated  color  temperature. 

The  problem  with  this  be¬ 


comes  apparent  when  we  mix 
two  dissimilar  light  sources. 
For  example,  take  a  room 
that  is  lit  by  “cool  daylight” 
fluorescents  (correlated  color 
temperature  6,200K)  and  has 
sunlight  streaming  in  through 
an  open  window  (say  this  light 
has  a  real  color  temperature  of 
6,200K).  To  the  eye,  both  light 
sources  seem  to  have  the  same 
color  quality,  which  is  what 
the  numbers  imply.  But  when 
we  take  a  photograph,  we  see 
that  the  parts  of  the  room 
lit  by  fluorescent  light  look 
strangely  greenish. 

Why  don’t  our  eyes  see  this 
difference  in  the  room  itself? 
Because,  like  today’s  smart 
digital  cameras,  we  have  an 
“automatic  white  balance”  fea¬ 
ture  that  automatically  com¬ 
pensates  for  such  differences. » 

Kay  is  a  Computerworld  con¬ 
tributing  writer  in  Worcester, 
Mass.  You  can  contact  him  at 
russkay@charter.net. 
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Color  Temns 


The  color  temperature  of  various  light  sources  -  such  as  a  candle  flame  or  car  headlights  -  can  be  plotted  along  a  scale. 
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GettingCertified  and 
Just  a  Bit  Certifiable 

CCSP  boot  camp  is  grueling,  our  manager 
finds.  But  off-s'ite  training  is  the  surest  way 
to  block  out  distractions.  By  C.  J.  Kelly 


I  RECENTLY  ATTENDED 
CCSP  boot  camp.  I  was 
there  for  a  very  specific 
purpose.  No,  two  very 
specific  purposes.  Like  most 
people  in  attendance,  I  wanted 
to  achieve  the  Cisco  Certi¬ 
fied  Security  Professional 
certification,  but  I  also  wanted 
in-depth  training  on  the  tech¬ 
nologies  that  my  staff  deploys 
and  I  manage. 

Technical  boot 
camps  are  grueling. 

Classes  normally  be¬ 
gin  at  8  a.m.  and  end 
at  8  p.m.  We  started 
at  7:30  a.m.,  worked 
through  lunch  and 
finished  after  8  p.m.  At  the  end 
of  the  training,  I  was  physi¬ 
cally  exhausted,  but  my  mind 
felt  invigorated. 

One  thing  that  kept  me 
going  was  thinking  about  how 
privileged  I  am  to  have  had 
the  opportunity  to  receive 
this  level  of  training.  Usually, 
technical  managers  aren’t  sent 
to  technical  training.  But  as  I 
have  said  before,  I  believe  that 
the  best  technical  managers 
are  both  people-savvy  and 
technically  proficient  enough 
to  keep  things  on  track.  And 
I  am  very  fortunate  to  work 
for  someone  who  understands 
and  supports  that  idea. 

I  hold  several  certifications 
in  addition  to  my  formal  edu¬ 
cation,  but  in  the  past,  I  chose 
the  self-study  route.  Boot 
camp  was  all  new  for  me. 

Almost  Derailed 

On  the  long  flight  home,  I  had 
time  to  think  about  boot  camp 
vs.  self-study  using  textbooks 
or  online  programs.  I  have 
always  preferred  self-study, 
which  suits  my  particular 


learning  style  very  well.  I 
have  an  almost  photographic 
memory,  read  very  fast  and 
grasp  concepts  quickly.  I  don’t 
necessarily  need  interaction 
with  other  students  or  an 
instructor  —  in  fact,  I  find  it 
distracting. 

But  just  before  I  went  to 
boot  camp,  I  completed  an 
online  training  program  to 
master  the  prereq¬ 
uisites  for  the  CCSP, 
and  distractions 
nearly  derailed  the 
process.  I  have  no 
complaint  about  the 
quality  of  the  online 
program.  It  included 
information  presentations, 
online  “step  into  the  lab”  dem¬ 
onstrations,  flash  cards  and 
several  variations  of  what  the 
real  test  would  be  like. 

My  life  is  crazy  busy,  so 
even  though  I  took  several  full 
days  to  do  the  online  training 
from  home,  I  still  found  myself 
constantly  interrupted. 

For  most  people,  block¬ 
ing  off  the  time  you  need  for 
online  training  is  the  biggest 
obstacle.  You  have  to  open  up 
your  schedule  and  set  aside 
the  time  for  training;  trying 
to  do  it  piecemeal  as  time  al¬ 
lows  just  won’t  work.  If  this 
means  closing  your  office 
door,  do  it.  If  it  means  working 
from  home,  do  it.  If  it  means 
going  to  the  public  library  to 
get  away  from  phones  and 
pagers,  do  it.  You  have  to  man- 


Some  peo¬ 
ple  drown 
when  they’re 
immersed. 


age  the  interruptions. 

This  same  advice  holds  true 
for  self-study  offline.  And 
because  you  don’t  have  an 
online  program  to  guide  you 
in  what  to  study,  you  have  to 
know  what  kind  of  materials 
to  buy.  For  its  own  certifica¬ 
tions,  Cisco  offers  plenty  of 
resources  on  its  Web  site.  In 
fact,  I  ended  up  supplementing 
the  online  training  with  other 
self-study  tools. 

Camp  CCSP 

Boot  camp  is  an  immersion 
method.  Distractions  such  as 
cell  phones  and  pagers  are 
discouraged.  (I  was  surprised 
that  laptops  with  Internet  ac¬ 
cess  were  allowed.)  There 
isn’t  much  socializing.  Most 
people  went  from  hotel  room 
to  boot  camp  and  back  to  hotel 
room  again  with  very  little 
in  between.  The  schedule  is 
physically  draining;  my  lab 
partner  was  very  late  on  about 
the  third  day,  citing  complete 
exhaustion. 

Nonetheless,  the  training 
was  excellent.  The  instructor 
was  not  only  very  capable, 
but  also  a  security  consultant 
in  real  life,  with  day-to-day 
experience  in  the  technologies 
we  studied.  Far  from  being 
distracted  by  the  other  stu¬ 
dents,  I  found  myself  relieved 
that  there  were  like-minded 
people  around  to  discuss  is¬ 
sues  with. 

I  would  have  to  say  that  boot 
camp  did  the  job.  Of  course, 
it’s  expensive.  Even  though  my 
state  agency  got  a  discount, 
the  training  for  one  person  ran 
between  $8,000  and  $9,000, 
and  that  did  not  include  air¬ 
fare,  meals  or  lodging.  It  did 
include  vouchers  for  the  five 
exams  required  to  pass  the 
CCSP  certification  test. 

But  some  people  drown 
when  they’re  immersed.  Your 
brain  can  easily  get  overloaded 
when  you’re  trying  to  cram 


technical  information  into  it 
for  12-plus  hours  a  day. 

I  survived  it,  but  boot  camp 
isn’t  my  preference.  Would  I 
do  it  again?  Yes,  and  in  fact,  I 
intend  to  soon.  So,  managers 
who  are  considering  training 
options  for  their  employees 
should  definitely  consider 
boot  camp  seriously.  For  some 
people,  it  will  be  the  only  way 
to  give  the  work  at  hand  the 
necessary  focus.  (Others,  like 
me,  may  do  very  well  with 
self-study,  so  don’t  overlook 
that  option.) 

And  shipping  your  employ¬ 
ees  off  to  expensive  off-site 
training  sends  them  a  mes¬ 
sage  loud  and  clear:  You  value 
them.  Some  managers  worry 
that  a  big  training  investment 
could  go  to  waste,  since  the 
employee  could  take  his  new 
skills  and  find  a  better-paying 
job.  But  my  experience  has 
been  that  making  investments 
in  people  fosters  loyalty.  Ex¬ 
pansive  thinking  on  your  part 
leads  to  expansive  thinking 
on  your  employees’  part.  You 
want  that. 

Certification  training  raises 
another  issue.  There’s  a  lot  of 
talk  that  certifications  don’t 
deliver  a  lot  of  value.  But  in  my 
mind,  certification  training, 
and  especially  security  certi¬ 
fication  training,  is  a  way  of 
making  sure  that  every  aspect 
of  security  has  been  covered. 
It’s  the  equivalent  of  requiring 
someone  to  have  a  college  edu¬ 
cation  as  a  job  prerequisite. 

Sure,  certifications  don’t 
guarantee  you  anything.  But 
they  do  give  you  a  high  level  of 
confidence  that  the  person  sit¬ 
ting  in  front  of  you  knows  the 
basics  and  can  perform  them 
well.  I  agree  that  experience 
trumps  certifications  any  day 
of  the  week,  but  I  look  at  certi¬ 
fications  as  a  quality  seal.  And 
that’s  good  to  have  under  any 
circumstances. » 


WHAT  DO  YOU  THINK? 

This  week's  journal  is  written  by  a  real 
security  manager,  “C.J.  Kelly,"  whose  name 
and  employer  have  been  disguised  for 
obvious  reasons.  Contact  her  at  mscjkelly® 
yahoo.com,  or  join  the  discussions  in  our 
security  blogs:  computerworld.com/ 
blogs/security 

To  find  a  complete  archive  of  our  Security 
Manager’s  Journals,  go  online  to 

computerworld.com/secjournal. 
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Spam  Volume  Just 
Keeps  on  Growing 

Postini  Inc.  reported  that 
almost  94%  of  all  e-mail  in 
December  was  spam.  It  said 
it  blocked  over  25  billion 
spam  messages  that  month, 
up  144%  from  a  year  earlier. 
The  company  said  viruses 
were  also  on  the  rise. 


TOP  BLOCKS  ™  4 

The  top  five  viruses  blocked  by-'-- : 
Postini  in  December: :  A.4 

nuwar 

19.4M 

:!■  netsky 

6.4M 

stration.gen 

4.1M 

downloader-arl  ' 

2.6M:^h, 

mytob  ; '  .  '  ■ 

2.1M 

Meanwhile,  Sophos  PLC  re-  ' 
ported  that  the  U.S.  remains  .  ; 
the  largest  source  of  spam. 


SPAM  CHAMPS 

Top  five  spam-relaying  countries, 
January  2007: 


i  'Spam  King’  | 

I  MySpace.com  has  filed  a  | 

i  lawsuit  against  self-pro- 
claimed  “spam  king”  Scott 
Richter  for  allegedly  blast-  j 

j  ing  the  portal  with  unsolicit¬ 
ed  e-mails.  MySpace  wants 
a  permanent  injunction  to 
bar  Richter  and  his  affiliates 
i  from  using  its  popular  social 
networking  site.  Richter 
runs  0ptinRealBig.com  LLC, 

I  an  e-mail  marketing  com-  “ 

pany  in  Westminster,  Colo. ..  _ 

I  muian 

Vt.  Redacts  SSNs  ^ 

Vermont  Secretary  of  State 
Deborah  Markowitz  said 
that  to  comply  with  a  new 
state  law,  her  office  has 
removed  from  its  Web 
site  links  that  led  to  files 
containing  Social  Security  : 

numbers.  Several  states 
came  under  fire  last  year  for 
revealing  Social  Security 
numbers  on  their  Web  sites. 
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Kana  Provides 
OnDemand  CRM 

■  Kana  Software  Inc.  in 
Menlo  Park,  Calif.,  last  week 
announced  the  release  of  On- 
Demand,  a  suite  of  customer 
service  applications  available  as 
a  software-as-a-service  offering. 
The  OnDemand  package  includes 
call  center,  e-mail  response 
management,  online  chat  and 
Web  self-service  capabilities.  It’s 
available  now  and  starts  at  $125 
per  month  per  user. 

F5  Adds  Appliance 
That  Delivers  Apps 

■  Seattle-based  F5  Networks 
Inc.  today  will  announce  the 
Big-IP  8800  application  delivery 
appliance,  which  provides  up  to 
8Gbit/sec.  throughput  for  ap¬ 
plications  and  up  to  6Gbit/sec. 
throughput  for  bulk  Secure 
Sockets  Layer  traffic.  It  runs  Big- 
IP  9.4,  the  newest  version  of  the 
vendor’s  software.  The  Big-IP 
8800  is  available  now,  starting 
at  $89,995,  including  software. 


OpenPages  Offers 
ITIL,  Cobit  Help 

■  Waltham,  Mass.-based  Open- 
Pages  Inc.  last  week  released 
OpenPages  ITG  software  for 
managing  IT  governance  and 
risks.  The  tool  is  intended  to  help 
companies  comply  with  IT  Infra¬ 
structure  Library  guidelines,  as 
well  as  Control  Objectives  for  In¬ 
formation  and  Related  Technol¬ 
ogy,  or  Cobit,  practices.  Pricing 
wasn’t  immediately  available. 


Data  Stewards 
Get  Dashboard 

■  Trillium  Software,  a  unit  of 
Harte-Hanks  Inc.  in  Billerica, 
Mass.,  has  introduced  TS  Insight, 
a  data  quality  dashboard.  The 
Web-based  application  monitors 
data  quality  statistics  and  per¬ 
formance  indicators  for  custom¬ 
er  name  and  address  information, 
as  well  as  supply  chain,  ERP  and 
financial  data.  It  can  also  be 
used  to  demonstrate  the  benefits 
of  data  quality  investments. 
Pricing  starts  at  $40,000  for  a 
server  license  and  10  user  seats. 


JAY  CLINE 


It’s  Time  to  Forge 
Global  Privacy  Rules 


WHENEVER  I’ve  mentioned  to  chief 

privacy  officers  the  idea  of  having 
a  single  set  of  privacy  rules  for  their 
companies  to  abide  by  worldwide, 
their  response  has  been  unanimous: 
Bring  it  on.  Why?  The  legal  and  technical  costs  of  comply¬ 
ing  with  an  expanding  patchwork  of  state,  federal  and  for¬ 
eign  privacy  laws  are  mounting  for  multinationals.  Having 
just  one  set  of  rules  would  improve  the  bottom  line. 


Data-protection  commis¬ 
sioners  from  many  world 
governments  are  singing  the 
same  tune.  At  a  November 
conference  in  London,  they 
issued  a  communique  urging 
the  United  Nations  to  launch 
an  international  privacy  con¬ 
vention  toward  this  end. 

You  and  I  as  customers 
and  employees  would  also 
benefit  from  one  set  of  rules 
that  we  could  come  to  know 
and  understand  —  instead 
of  the  vast  array  of  obtusely 
worded  privacy  notices  that 
we  see  on  Web  sites  and  find 
in  our  mailboxes. 

It’s  hard  to  imagine  a 
major  constituency,  outside  of  the  Idaho 
and  Michigan  militias,  that  would  be 
against  the  concept  of  a  global  privacy 
agreement,  if  it  was  properly  worded.  So, 
what’s  the  holdup? 

It  all  comes  down  to  two  questions 
that  the  U.S.  and  Europe  answer  differ¬ 
ently:  What  does  privacy  mean?  And  is 
privacy  an  inalienable  human  right? 

If  two  major  blocs  of  the  Western 
world  can  agree  on  the  first  question  and 
just  agree  to  disagree  on  the  second,  the 
stage  will  be  set  for  serious  negotiations. 

What  does  privacy  mean?  The  word 
privacy  is  nowhere  in  the  U.S.  Constitu¬ 
tion,  and  Americans  have  had  a  continu¬ 
ously  changing  view  of  what  privacy 
means.  I  see  three  major  turning  points: 

■  In  1890,  Chief  Justice  Louis  Brandeis 
asserted  that  there’s  a  right  to  protection 
from  public  disclosure  of  private  facts. 


■  In  I960,  law  professor 
William  Prosser  said  there 
are  four  types  of  privacy  vio¬ 
lations:  public  disclosure  of 
private  facts,  false  publicity, 
appropriation  of  a  name  or 
likeness,  and  intrusion  upon 
seclusion. 

■  In  2006,  law  professor 
Daniel  Solove  offered  four 
broader  dimensions  of  pri¬ 
vacy:  information  collection, 
information  processing,  in¬ 
formation  dissemination,  and 
intrusion  upon  seclusion. 

If  you  think  that’s  complex, 
consider  this:  The  European 
Union  has  eight  privacy  prin¬ 
ciples,  the  U.S.-EU  Safe  Har¬ 
bor  privacy  accord  has  seven  principles, 
and  Canada  and  Australia  have  each  de¬ 
veloped  10  privacy  principles. 

Is  it  possible  to  bridge  all  of  these  dif¬ 
ferences  into  one  common  meaning  of 
privacy?  I  think  so.  There’s  a  tremendous 
amount  of  overlap  among  these  lists.  So 
I’ve  been  sharing  a  list  of  seven  global 
privacy  principles  with  my  CPO  peers 
over  the  past  year,  and  it  hasn’t  gener¬ 
ated  any  major  objection  (see  chart).  The 
major  industrialized  countries  are  con¬ 
verging  on  the  question  of  “What  does 
privacy  mean?”  and  the  time  is  ripe  to 
start  forging  a  consensus. 

Is  privacy  an  inalienable  human  right? 
Europeans  want  the  answer  to  be  yes, 
and  it’s  hard  to  blame  them.  After  the 
experiences  of  World  War  II,  where 
Europe’s  Axis-aligned  governments 
exploited  their  access  to  citizen  informa- 


JAY  CLINE  is  a  former  chief 
privacy  officer  of  a  Fortune 
500  company  and  now  presi¬ 
dent  of  Minnesota  Privacy 
Consultants.  You  can  reach 
him  at  Gwprivacy® 
compirterworld.com. 


SHARED  IDEALS 


Proposed  Global 
Privacy  Principles 

These  seven  principles,  which  reflect 
the  essential  principles  of  the  world’s 
various  privacy  laws,  could  form  the  ba¬ 
sis  of  a  global  agreement  on  privacy: 

1.  Notice:  Present  individuals  with  a  privacy 
policy  when  their  data  is  collected. 

2.  Relevance  and  retention:  Require  indi¬ 
viduals  to  provide  only  data  that  is  needed  for 
the  business  at  hand,  and  retain  it  for  only  as 
long  as  needed  for  that  business. 

3.  Access  and  accuracy:  Give  individuals 
a  way  to  securely  access  and  correct  their 
information. 

4.  Security:  Protect  individuals’  information 
from  unauthorized  access  within  the  collect¬ 
ing  organization  and  any  other  organization  or 
country  to  which  it  is  transferred. 

5.  Choice  regarding  third-party  sharing: 

Let  individuals  choose  whether  third  parties 
should  be  allowed  to  access  their  information 
for  analytical  or  marketing  purposes. 

6.  Choice  regarding  direct  marketing:  Let 

individuals  decide  whether  they  want  to  be 
contacted  for  marketing  purposes. 

7.  Enforcement:  Appoint  a  senior  executive 
to  be  responsible  for  annually  assessing 
the  organization’s  compliance  with  these 
principles. 

tion  to  round  up  and  execute  opponents, 
you  can  see  why  Europeans  want  to  go  as 
far  in  the  opposite  direction  as  possible. 

But  Americans  don’t  think  privacy 
rises  to  the  preeminence  of  an  intrinsic 
human  right  —  a  right  the  government 
must  recognize  and  cannot  curtail.  To 
say  that  we  have  a  “freedom  of  privacy” 
and  that  the  government  can’t  stop  us 
from  being  private  would  be  one  of  the 
most  ambiguous  amendments  to  the  U.S. 
Constitution  we’ve  ever  had. 

Every  major  constituency  —  citizens, 
businesses  and  governments  —  would 
benefit  from  a  single  set  of  global  privacy 
rules.  The  question  is,  will  the  EU  be 
open  to  compromise?  * 
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MAWWEMENT 


Buyer  Beware 

Are  your  IT  vendors  tied  up  in  legal 
problems?  If  so,  there’s  a  real  dan¬ 
ger  you  can  become  entangled,  too. 
Here’s  what  to  watch  out  for  and  how 
to  protect  yourself.  PAGE  34 


ADVICE 

Managers’  Forum 

An  employee  nearing  retirement  isn’t 
pulling  his  weight.  Not  only  that,  he’s 
causing  trouble.  What’s  a  manager  to  do? 
Paul  Glen  has  some  tips.  PAGE  35 


OPINION 

IT,  We  Have  a  Problem!  Part  II 

It’s  time  for  IT  to  stop  playing  the 
whipping  boy,  stand  up  and  take 
credit  for  its  role  in  corporate  suc¬ 
cess,  says  Paul  Ingevaldson.  PAGE  36 


Fiona  Ramsey,  community  and  operations  manager 


Matt  Flannery,  CEO  and  co-founder 


Jessica  Jackley  Flannery,  co-founder 


Olana  Khan,  chief  operating  officer 


Jeremy  Frazao,  director  of  technology 

t  r  i.  .1  .V  r  i  c:^. 


Kiva’s  approach  is  straightforward. 
Entrepreneurs  working  with  estab¬ 
lished  local  microfinancing  institu¬ 
tions,  or  MFIs,  put  their  business  plans, 
financing  needs  and  photos  on  Kiva’s 
Web  site.  Investors  from  the  U.S.  and 
other  affluent  countries  visit  Kiva.org, 
choose  which  entrepreneurs  to  back 
and  then  finance  the  loans. 


The  organization,  which  incorpo¬ 
rated  as  a  nonprofit  in  November  2005, 
has  already  raised  more  than  $2  mil¬ 
lion  in  loans  from  26,000  lenders.  The 
idea  is  simple,  yet  Kiva  insiders  ac¬ 
knowledge  that  it’s  only  feasible  with 
today’s  technology. 

“Five  years  ago,  it  wouldn’t  have 
seemed  possible,”  says  Jeremy  Frazao, 


her  life  with  a  $25  loan,  would  you? 

Well,  now  you  can. 

Kiva,  a  San  Francisco-based  start-up, 
is  using  technology  to  connect  small- 
stakes  lenders  around  the  world  with 
impoverished  entrepreneurs  in  devel¬ 
oping  countries  —  a  feat  that’s  helping 
to  change  the  nature  of  microfinancing 
and  global  giving  itself. 


Aziaka,  a 

^^^vhardworking  but  un- 
educated  entrepreneur 
in  Togo,  needs  a  loan  to 
buy  chickens  and  feed  to  expand  her 
poultry  business.  This  will  enable  her 
to  better  support  her  four  children  and 
two  foster  children.  She  will  repay  the 
loan  in  15  months.  If  you  could  change 
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Kiva’s  director  of  technology. 

“They’re  using  the  Web  to  shorten 
the  [lending]  cycle  and  increase  the 
flow  of  information  among  people 
who  wouldn’t  otherwise  connect,’’  says 
Peter  Bladin,  director  of  the  Seattle- 
based  Grameen  Technology  Center, 
part  of  the  Grameen  Foundation,  a 
Washington-based  nonprofit  that  pro¬ 
motes  global  microfinancing. 

BEGINNINGS 

®HE  IDEA  FOR  KIVA,  which 

means  “agreement”  in  Swahili, 
dates  back  to  early  2004,  when 
co-founder  and  CEO  Matt  Flannery 
was  using  e-mail  and  text  messages 
to  communicate  with  his  wife,  Jessica 
Jackley  Flannery,  while  she  worked 
in  East  Africa  through  the  Village 
Enterprise  Eund,  a  San  Carlos,  Calif.- 
based  nonprofit  that  provides  business 
training,  seed  capital  and  mentoring  to 
people  in  that  region. 

Inspired  by  her  experience,  the  cou¬ 
ple  tried  to  invest  in  microfinancing 
ventures  only  to  learn  that  they  were 
priced  out  of  the  market.  (The  mini¬ 
mum  investments  for  MEI  funds  are 
generally  $50,000  or  $100,000.) 

“We  had  seven  businesspeople  in 
Uganda  we  wanted  to  invest  in,  and  we 
didn’t  find  any  organization  that  could 
help  us  do  that,”  Matt  Flannery  says. 

So  the  Flannerys  helped  themselves. 
In  March  2005,  Matt  created  a  Web  site 
that  featured  the  Ugandans’  photos  and 
stories.  The  couple  then  used  the  In¬ 
ternet  to  solicit  “shares”  in  those  busi¬ 
nesses  from  family  and  friends.  The 
shares  sold  in  one  weekend. 

Kiva  was  born,  but  it  was  just  a  side 
project  at  first.  Matt  kept  his  regular 
job  as  a  computer  programmer  at  TiVo 
Inc.  until  December  2005.  Meanwhile, 
Jessica,  who  is  now  a  second-year 
MBA  student  at  the  Stanford  Graduate 
School  of  Business,  spent  a  year  rais¬ 
ing  money  and  researching  legal  issues 
related  to  their  venture. 

Around  the  same  time,  Frazao,  a 
software  architect,  and  his  wife,  Fiona 
Ramsey,  an  executive  assistant  at  a  real 
estate  company,  were  spending  a  year 
traveling.  They  arrived  in  Thailand 
just  months  after  the  catastrophic  tsu¬ 
nami  of  December  2004. 

The  couple  sent  e-mails  to  family 
and  friends,  asking  for  contributions 
for  local  entrepreneurs  in  need.  In  two 
days,  they  raised  more  than  $3,000  via 
their  PayPal  account,  some  of  which 
came  from  strangers  to  whom  their 
original  message  had  been  forwarded. 

“That’s  what  made  my  mind  start 
spinning  about  the  ability  to  raise  mon¬ 
ey  over  the  Internet,”  says  Frazao. 


They  returned  to  the  U.S.  in  August 
2005.  Two  months  later,  Frazao  read 
about  the  nascent  Kiva  on  a  blog.  “It 
just  became  clear  to  me  that  this  is  go¬ 
ing  to  change  everything,”  he  says. 

Frazao  started  helping  Matt  Flan¬ 
nery  write  code.  Weeks  turned  into 
months,  until  Frazao  finally  became  an 
official  paid  employee  this  past  August. 
Ramsey  became  Kiva’s  community  and 
operations  manager. 

Now  Kiva’s  mission  is  to  draw  others 
into  microfinancing.  Visitors  to  Kiva’s 
site  see  that  Juliet  Igunbor  in  Nigeria 
needs  $500  to  expand  her  beauty  salon. 
Francois  Segbessi  Akpatou  in  Togo 
is  asking  for  $1,200  to  grow  his  auto 
repair  business.  Krum  Nikolov  in  Bul¬ 
garia  is  seeking  $2,000  to  buy  a  profes¬ 
sional  coffeemaker  and  refrigerator  for 
his  snack  shop.  The  entrepreneurs  also 
say  when  they’ll  pay  back  the  loans. 

Web  site  visitors  who  decide  to  invest 
in  a  venture  contribute  online,  going 
through  a  checkout  process  much  like 
they  would  at  a  retail  site.  MFIs  vet  the 
entrepreneurs  and  disburse  the  funds, 
covering  their  expenses  from  interest 
they  charge  to  the  entrepreneurs.  So 
far,  there  has  been  a  100%  payback  rate, 
but  most  lenders  reinvest  their  money. 

Kiva  uses  PayPal,  a  part  of  eBay  Inc., 
to  collect  money  from  individual  inves¬ 
tors.  PayPal  reimburses  Kiva  for  the 
transaction  fees,  essentially  donating 
the  service,  which  otherwise  “far 
and  away  would  be  Kiva’s  greatest 
expense,”  Frazao  says.  Then  Kiva 
wires  the  money  overseas  using  San 
Francisco-based  Wells  Fargo  &  Co. 

PayPal  is  not  available  in  many  de¬ 
veloping  countries,  making  wire  trans¬ 
fers  the  most  efficient  way  of  getting 


Kindred  Spirits 


- - - -  —  -  —  —  W - 

vmw.donorschoose.org  -  Teachers 
in  public  schools  submit  proposals. 

Donors  choose  which  projects  to  fund. 

www.globalgiving.org  -  Donors  fund 
grass-roots  projects  that  appeal  to  their 
,  specific  interests. 

wvm.grameenfoundation.org 

-  Smaliloans,  financial  services  and 
technology  help  the  poor  -  especially 
women  -  start  self-sustaining  busi¬ 
nesses  to  escape  poverty. 

wvm.modestneeds.org  -  U.S. 
applicants  seek  money  for  short-term 
emergency  expenses.  Donors  help  de¬ 
termine  which  ones  shouid  be  funded. 

vmw.namaste-direct.org  -  Donors 
contribute  to  their  choice  of  specific 
micrncredit  nroiects.  _ 

Funding  the  Funders 

“The  idea  is  to  create  something  that’s 
self-sustaining,”  says  Fiona  Ramsey,  Ki¬ 
va’s  community  and  operations  manager. 
Here’s  how  nonprofit  Kiva  gets  money  to 
pay  for  its  routine  operating  expenses; 

■  Large  contributions  from  indi¬ 
vidual  benefactors. 

■  Contributions  from  lenders.  Lend¬ 
ers  at  Kiva.org  are  asked  at  checkout  to 
make  voluntary  contributions  equaling 
10%  of  their  loan  amounts  to  support 
operations.  About  90%  donate. 

■  Grants  and  corporate  gift¬ 
matching  funds. 

■  Loan  fees  to  microfinancing  insti¬ 
tutions.  This  year.  Kiva  will  start  charg¬ 
ing  its  MFI  partners  a  2%  flat  fee  on 
loans  to  help  cover  Kiva’s  costs.  (That 
fee  is  well  below  the  11%  interest  that 
lenders  typically  charge  to  microfinanc¬ 
ing  institutions  to  distribute  loans.) 

_ -  MARY  K.  PRATT 


money  there,  Ramsey  says. 

Although  aspects  ofKiva.org  feel  like 
a  retail  site,  it  operates  under  financial 
and  technical  challenges  that  don’t  af¬ 
fect  commercial  ventures.  One  of  the 
biggest  is  slow  Internet  access  in  the 
developing  world,  Frazao  says.  “The 
infrastructure  in  places  like  Uganda  is 
so  bad  that  it  makes  things  almost  im¬ 
possible,”  he  says.  “Sometimes  it  was 
taking  an  hour  to  upload  a  photo.” 

Even  when  connections  are  available, 
there  are  problems,  he  adds.  For  exam¬ 
ple,  some  partners  have  the  financial 
savvy  needed  to  scout  for  potential  en¬ 
trepreneurs  and  set  up  the  microloans, 
but  they  lack  the  necessary  computer 
and  Internet  skills. 

One  partner  in  Africa  had  to  run 
wires  from  the  road  to  his  office  to  con¬ 
nect  with  Kiva.  Those  wires  were  sto¬ 
len  within  a  day.  Now  he  has  a  wireless 
connection,  but  that’s  even  slower. 

To  get  around  poor  Internet  connec¬ 
tions,  Kiva  is  running  a  pilot  program 
using  10  camera  phones  donated  by 
Nokia  Corp.,  supported  by  Multime¬ 
dia  Messaging  Service  and  code  that 
Frazao  wrote.  Partners  can  just  take  a 
photo,  type  a  message  and  send  them. 

Back  in  the  States,  Kiva  staffers  face 
additional  challenges.  Among  the  big¬ 
gest  has  been  scaling  the  technology 
fast  enough  to  meet  the  site’s  exploding 
popularity.  In  fact,  a  spike  in  interest 
after  PBS  ran  a  Frontline/World  story 
highlighting  Kiva  in  October  caused 


the  organization’s  servers  to  crash. 
(Ironically,  the  incident  brought  in 
$75,000  in  donations  from  those  who 
tried  to  gain  access  to  Kiva.org  and 
saw  a  message  explaining  the  organi¬ 
zation’s  technical  difficulties  and  a  re¬ 
quest  for  donations  for  new  servers.) 

“The  organic  growth  works  for  a 
while,  but  there’s  a  huge  difference 
between  organic,  grass-roots  architec¬ 
ture  and  a  business-ready  architecture,” 
Matt  Flannery  says. 

Kiva  staffers  and  volunteers  are 
undeterred.  They  use  open-source 
software  whenever  they  can,  Flannery 
says,  a  move  that  has  kept  costs  down 
as  they  have  continued  to  scale  opera¬ 
tions.  And  they  recently  outsourced 
their  Web  hosting  to  Media  Temple  Inc. 
in  Culver  City,  Calif.,  because  the  ser¬ 
vice  enables  Kiva  to  handle  dramatic 
spikes  in  Web  traffic  without  incurring 
consistently  high  costs  in  doing  so. 

Media  Temple,  which  has  offered 
Web  hosting  services  for  the  past  eight 
years,  launched  a  grid-based  system 
in  October  that  can  scale  “infinitely,” 
says  CEO  Demian  Sellfors.  So  instead 
of  offering  each  client  a  site  on  a  single 
shared  server,  the  service  is  spread 
across  hundreds  of  servers.  Organiza¬ 
tions  pay  a  set  cost  for  1,000  grid  per¬ 
formance  units,  with  additional  fees  if 
they  exceed  that  amount. 


BUILDING 

®IVA,  WHICH  STARTED  WITH 
a  printer  and  six  personal  lap¬ 
tops  brought  in  by  its  workers, 
is  expanding  its  operations.  Last  July, 
it  finally  acquired  office  space,  two 
doors  down  from  a  laundromat  in  San 
Francisco’s  Mission  District.  Its  budget 
is  increasing  from  just  over  $125,000  in 
2006  to  $500,000  for  2007,  says  Chief 
Operating  Officer  Olana  Khan.  Frazao 
says  Kiva  might  even  buy  him  a  new 
laptop. 

Loftier  goals  include  expanding  the 
marketplace  and  bringing  more  lend¬ 
ers  and  borrowers  together,  says  Matt 
Flannery.  There’s  also  a  plan  to  pay 
investors  back  with  interest. 

“There  is  a  huge  potential  to  access 
capital  from  people  like  you  and  me,” 
says  Bladin.  “Kiva  is  tapping  into  that. 
How  big  that  is  or  how  far  you  can  go 
with  that,  I  don’t  know.” 

Kiva  staffers  don’t  know  either,  but 
they’re  sure  that  the  organization’s  im¬ 
pact  will  be  significant.  “We’re  just  see¬ 
ing  the  beginning,”  Frazao  says.  “Kiva 
is  about  to  get  really  big.” » 


Pratt  is  a  Computerworld  contributing 
writer  in  Waltham,  Mass.  Contact  her  at 
marykpratt@verizon.net. 
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April  17-18,  2007  |  www.saascon.com 


Software-as-a-Service  (SaaS)  is  no  longer  a 
question  of  “if’  but  a  question  of  “how?” 

In  addition  to  SaaScon’s  impressive  keynote 
lineup,  the  event  will  stand  out  as  the 
gathering  place  for  all  participants  in  the 
SaaS  marketplace  and  the  only  forum  that 
provides  practical  case  studies  and  real- 
world  SaaS  deployments  presented  by  the 
enterprise  end-users  who  implemented  them. 

To  view  the  agenda  for  SaaScon,  please  visit 
www.saascon.com/agenda.  When  you  register 
be  sure  to  enter  priority  code  {CWSave7}  to 
receive  a  $100  discount  off  the  2 -day  full 
conference  package. 
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InDemand 


Jeff  Kaplan,  Managing  Director,  THINKstrategies 
Tom  Hoffman,  National  Corespondent,  Computerworld 
Bill  McNee,  CEO,  Saugatuck  Technology 
Erin  Traudt,  Senior  Research  Analyst,  IDC 
Dave  Duffield,  CEO  &  Co-founder,  Workday 
Phil  Wainewright,  Director,  Procullux  Ventures 
Amy  Wohl,  President,  Wohl  Associates 


Platinum  Event  Sponsors: 


Akamai 


Premier  Media  Partner: 
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Gold  Event  Sponsor: 


Symantec 
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NFORMATION  TECHNOLOGY 
manager  Thomas  Barce  likes 
to  make  sure  his  vendors  are 
unfettered  by  complex  litiga¬ 
tion.  “I’ve  been  hesitant,  if 
not  unwilling,  to  work  with 
vendors  who  have  been  in 
the  public  eye  because  of  de¬ 
bacles,”  says  Barce,  regional 
manager  of  practice  support  at  Fulbright 
&  Jaworski  LLP,  a  Houston  law  firm. 

As  an  example,  he  cites  vendors  that 
provide  electronic  discovery  process¬ 
ing.  He  several  to  choose  from,  so  he 
easily  dismisses  the  few  that  have  been 
accused  in  lawsuits  of  failing  to  prop¬ 
erly  process  e-mails  and  attachments. 

Finding  a  vendor  that  hasn’t  had  some 
sort  of  legal  entanglement  might  be 
one  of  the  hardest  tasks  in  IT.  The  av¬ 
erage  U.S.  technology  or  telecommuni¬ 
cations  firm  faces  79  pending  lawsuits, 
according  to  a  recent  survey  of  311  U.S. 
companies  by  Fulbright  &  Jaworski. 

Lawyers  say  IT  executives  shouldn’t 
disqualify  a  vendor  simply  because  of 
''  its  involvement  in  legal  action.  They 
do,  however,  recommend  that  IT  shops 
examine  companies’  records  and  take 
steps  to  protect  themselves  from  legal 
action.  “It’s  important  to  carefully  as¬ 
sess  the  vendors  they’re  considering 
aligning  with,”  says  Robert  D.  Owen, 
head  of  Fulbright  &  Jaworski’s  litiga¬ 
tion  group  and  co-head  of  the  firm’s 
e-discovery  and  information  manage¬ 
ment  practice. 

Several  attorneys  offer  some  tips. 


BEWARE  THE  SNARE.  If  you  think  a 
vendor’s  legal  problems  can’t  touch  you, 
you’re  wrong.  Some  high-profile  cases 
show  just  how  nerve-racking  such  law¬ 
suits  can  be.  Just  look  at  all  the  hoopla 
around  last  year’s  patent  infringement 
case  against  Research  In  Motion  Ltd., 
the  Waterloo,  Ontario-based  maker 
of  the  popular  BlackBerry.  The  case, 
brought  by  NTP  Inc.,  threatened  to  shut 
down  the  entire  BlackBerry  community. 

Moreover,  patent  infringement  cases 
like  that  can  involve  not  just  the  ven¬ 
dors  accused  of  using  others’  technolo¬ 
gies,  but  the  users  as  well. 

“It’s  not  uncommon  for  people  who 


JUST  THE  FACTS 


Number  of  lawsuits  the  average 
U.S.  technology  or  telecommunica¬ 
tions  company  currently  faces  in  U.S.  courts. 

0|U|  What  the  typical 
O  I  ■■OIVI  technology  compa* 
ny  spent  on  litigation  in  the  past  year. 

(This  doesn’t  include  verdicts  or  settlement 
amounts,  only  fees  related  to  litigation.) 

C  AQyL  Percentage  of  telecom/ 
wHr  /U  technology  companies 

that  initiated  one  or  more  $20  million-plus 
lawsuits  in  the  past  year. 

*9  A  04%  telecom/ 

/O  technology  companies 

that  expect  their  pending  caseloads  to 
increase  next  year. 

Base:  311  corporate  counsels  at  U.S.  companies 

SOURCE:  2006  LITIGATION  TRENDS  SURVEY  CONDUCT¬ 
ED  DURING  MAY  AND  JUNE  2006  BY  BUSINESS  DEVEL¬ 
OPMENT  DIRECTIVES  FOR  FULBRIGHT  &  JAWORSKI  LLP 


own  patents  to  threaten  customers  and 
say,  ‘Your  vendor  is  selling  a  product 
that  infringes  my  patent,  and  by  using 
this  product,  you’re  infringing  on  my 
patent,’  ”  says  Tony  Fitzpatrick,  co- 
chairman  of  the  intellectual  property 
litigation  practice  at  Duane  Morris  LLP, 
a  law  firm  in  Philadelphia. 

Vendors  are  also  frequently  involved 
in  disputes  with  clients  or  employees 
who  have  moved  to  the  competition  and 
have  allegedly  taken  confidential  infor¬ 
mation  or  client  lists  with  them,  says 
Fitzpatrick.  “Occasionally,  these  cases 
can  ensnare  customers  as  well,”  he  adds. 

GET  THE  LOWDOWN.  Learning  about 
a  vendor’s  legal  problems  takes  some 
footwork,  so  not  all  IT  shops  include 
this  step  when  picking  suppliers,  says 
James  G.  Gatto,  the  national  intel¬ 
lectual  property  section  leader  at  San 
Francisco-based  Pillsbury  Winthrop 
Shaw  Pittman  LLP.  But  they  should,  he 
says,  adding  that  a  company’s  IT  group 
and  legal  department  should  together 
examine  a  vendor’s  history  in  this  area. 

“Certainly,  it’s  wise  to  ask  about 
whether  the  vendor  has  any  pending  le¬ 
gal  problems,  whether  actual  lawsuits 
have  been  filed  or  have  been  threat¬ 
ened,”  Fitzpatrick  says.  Good  sources 
of  this  information  include  LexisNexis 
CourtLink,  which  provides  informa¬ 
tion  on  pending  litigation  in  courts 
throughout  the  U.S.,  and  reports  pub¬ 
lished  by  The  Dun  &  Bradstreet  Corp. 

ANALYZE  THE  DETAILS.  Just  knowing 
that  a  vendor  has  litigation  pending 
isn’t  enough  information  to  make 
smart  decisions.  “People  bring  lawsuits 
all  the  time,  whether  they’re  meritori¬ 
ous  or  not.  So  companies 
should  look  at  the  type 
of  litigation,”  says  Alan 
N.  Sutin,  chairman  of  the 
national  technology,  media 
and  telecommunications 
practice  at  Greenberg 
Traurig  LLP,  a  law  firm  in 
New  York.  “If  there  are  a 
high  number  of  litigations 
that  center  around  failure 
to  perform  or  litigation 
surrounding  issues  such 
as  security  breaches  or 
confidentiality  or  privacy 
concerns,  those  are  very 
relevant.” 

Barce  says  he  wouldn’t  discount  a 
vendor  that  is  facing  litigation  over  a 
disputed  trademark,  but  he  wouldn’t 
w'ork  with  one  facing  claims  that  its 
products  didn’t  work  as  promised. 

Gatto  goes  a  step  further.  He  contacts 
people  involved  in  litigation  to  learn 


Protect¥3urself 


Even  if  you’ve  done  your  due  dili¬ 
gence.  there’s  no  guarantee  that  your 
vendor  won’t  find  itself  in  litigation 
-  or,  worse,  drag  you  into  K.  Here’s 
how  to  protect  yourself. 

■  Seek  indemnification.  A  provision 
requiring  the  vendor  to  indemnify  you  in 
case  of  any  legal  challenges  is  “probably 
the  best  and  most  basic  protection  you  can 
get,”  says  Tony  Rtzpatrick,  co-chairman  of 
the  intellectual  property  litigation  practice 
at  Duane  Morris.  With  that  in  the  contract, 
if  a  company  claiming  patent  infringement 
on  a  software  application  sues  both  your 
vendor  and  you  (as  the  user),  your  vendor 
must  cover  the  cost  of  defending  you 
against  the  claim  as  well  as  any  losses  or 
disaiptions  your  company  suffers. 

■  Consider  insurance.  Indemnifica¬ 
tion  has  limits,  says  James  6.  Gatto,  the 
national  IP  section  leader  at  Pillsbury 
Winthrop  Shaw  Pittman.  For  instance,  a 
claim  of  patent  infringement  might  not 
arise  from  the  vendor’s  product  but  rather 
from  how  you,  the  user,  customized  it. 

That  could  leave  you  facing  all  the  costs  of 
litigation  and  any  settlement  or  judgment 
against  you.  Patent  infringement  insurance 
policies  would  cover  the  costs  of  legal  ac¬ 
tion  and  damages,  Gatto  says. 

-  MARY  K.  PRATT 

what  happened  to  trigger  it.  If  the  cases 
are  “just  routine  business  disputes,” 
that’s  one  thing,  he  says,  but  “when  you 
see  a  pattern  of  activities,  that’s  when 
the  antennae  should  go  up.  Actually, 
that’s  when  you  should  run  away.” 

INVOLVE  COUNSEL  EARLY.  Compiling 
and  analyzing  all  this  legal 
information  is  a  big  task,  so 
don’t  go  it  alone,  Sutin  says. 
‘‘One  common  mistake  that 
companies  make  is  involv¬ 
ing  lawyers  way  too  late  in 
the  process,”  he  says.  That’s 
particularly  true  when  com¬ 
panies  hire  vendors  through 
a  request  for  proposal 
process  where  the  RFP 
fails  to  include  terms  about 
contractual  protections  and 
disclosures  of  past  activities. 

“The  important  thing,” 
Gatto  says,  “is  to  pick  your 
partners  well,  do  your  re¬ 
search  well  and  make  sure  you  have 
both  business  and  legal  people  in¬ 
volved  in  assessing  the  issues.”  • 


Pratt  is  a  Computerworld  contributing 
writer  in  Waltham,  Mass.  Contact  her  at 
marykpratt@verizon.  net. 
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MANAGERS’ 


WITH  PAUL  OLEN 


FORUM 


Welcome  to  the 
Managers'  Forum! 
My  goal  is  to 
provide  an  oppor¬ 
tunity  for  lively 
discussion  on  the 
art  and  craft  of 
management, 
ril  do  my  best 
to  answer  your 
questions,  and 
there’s  room  for  your  responses  as 
well.  Please  send  your  questions, 
comments  and  critiques  to  me  at 
management@paulglen.com 


Ql  have  an  employee  who  is 
near  retirement,  and  his 
focus  at  work  is  not  what  it 
used  to  be.  He  is  a  very  smart, 
senior-level  technician  who 
once  could  be  relied  upon  to 
get  things  done  and  done  well. 
Now  I  feel  I  need  to  manage 
him  almost  to  the  micro  level:  Did  you 
see  the  e-mail?  Is  that  done?  Where 
does  this  stand?  etc.  Since  he  is  a  senior- 
level  guy,  I  don’t  feel  this  is  a  good  use  of 
my  time,  and  I’m  sure  he’s  not  enjoying 
it  either.  In  addition  to  “missing”  the 
e-mails,  he’s  getting  belligerent  in 
meetings,  especially  around  one  topic 
where  he  is  not  in  agreement  with  the 
decision  that  was  made.  Any  insight  on 
how  to  manage  this  situation  would  be 
greatly  appreciated. 

When  driving,  we  rely  on  the  fact  that 
when  we  press  on  the  brake  pedal,  the 
car  will  slow  and  stop.  We  trust  that 
a  chain  of  mechanical  or  electronic 
events  will  invariably  follow  that 


initial  impulse  and  that  the  entire 
system  will  behave  predictably.  It’s  no 
accident  that  movies  and  TV  shows 
often  resort  to  failing  brakes  as  a  plot 
device  (no  matter  how  tired  it  may 
be).  That  fear  of  the  failure  of  reliable 
levers  of  control  is  something  we 
can  all  relate  to. 

As  managers,  we  often  make  the 
same  assumptions  about  the  levers  of 
organizational  control  at  our  command 
—  that  they  are  as  predictable  and  reli¬ 
able  as  a  brake  pedal.  And  similarly,  we 
fear  the  failure  of  those  tools. 

Traditional  methods  of  keeping  sub¬ 
ordinates  in  line  or  on  board  usually 
relate  to  fear  or  greed.  When  we’re 
faced  with  a  recalcitrant  person,  a  good 
percentage  of  the  approaches  that  we 
think  of  involve  manipulating  these 
base  emotions.  Employees  fear  pun¬ 
ishment  and  humiliation,  so  if  we  can 
credibly  hold  the  threat  of  dismissal, 
demotion,  public  shame  or  an  obstruct¬ 
ed  career  path  over  their  heads,  they 
are  likely  to  toe  the  line  no  matter  what 
they  really  think  or  feel.  They’d  do  the 
same  if  we  offered  the  dream  of  future 
riches,  promotions  or  power. 

But  when  employees  no  longer  look 
to  the  future  with  anticipation  or 
trepidation,  these  offers  and  threats 
become  powerless,  and  managers  feel 
terrified  by  the  breakdown  of  control. 
So  end-of-career  employees  can  offer 
special  challenges. 

Often,  you  either  can’t  or  wouldn’t 
consider  firing  them.  They  are 
protected  by  union  rules,  seniority 
systems  or  the  tacit  threat  of  an  age 
discrimination  lawsuit.  And  even  if 
you  could  fire  them,  it  seems  wrong  to 
ignore  a  history  of  contribution,  even 
if  their  current  production  isn’t  up  to 


previous  standards.  Not  only  would 
it  be  disrespectful  to  the  individual 
involved,  but  it  could  also  demoralize 
others  who  look  forward  to  a  long 
career  at  the  company. 

So,  What  to  Do? 

First,  ask  yourself.  Why  is  this  person 
suddenly  acting  out?  Something  is 
going  on  emotionally  to  lead  to  this 
change  in  behavior.  It  may  have  some¬ 
thing  to  do  with  the  work  that  he’s 
been  assigned  or  the  decisions  that 
were  made,  but  my  guess  would  be  that 
it’s  probably  not. 

I’d  say  this  is  probably  a  reaction 
to  his  pending  life  change.  If  the  em¬ 
ployee  has  excelled  at  his  craft,  a  great 
deal  of  his  personal  identity  is  wrapped 
up  in  being  technically  competent  and 
producing  results.  He  is  used  to  being 
an  important  part  of  a  group  of  peers. 
He  is  used  to  being  respected  for  his 
abilities  and  contributions. 

All  of  this  is  about  to  be  stripped 
away  from  him,  and  that’s  probably 
somewhat  terrifying.  In  order  to  dis¬ 
engage  from  a  lifetime  of  work  and 
identification  with  his  role,  he  may 
need  to  construct  a  reality  in  which 
work  is  a  terrible  place  that  he  must  es¬ 
cape  from,  not  a  setting  where  he  feels 
a  sense  of  pride  and  accomplishment. 
He  may  need  you  to  be  a  tiresome, 
overbearing  nag  in  order  to  justify 
leaving  it  all  behind. 

He  may  also  be  suffering  from  a 
bout  of  bitterness  or  disappointment. 
He  may  be  feeling  that  he  hasn’t  ac¬ 
complished  what  he  set  out  to  do  with 
his  career.  He  may  not  like  a  future 
without  technical  problems  to  solve  or 
things  to  accomplish. 

I  think  that  his  situation  calls  for  a 
sympathetic  treatment.  This  sounds 
like  a  person  who  deserves  the  gratitude 
of  the  organization  and  a  graceful  exit. 

Sit  down  with  him  and  outline  your 
dilemma.  Let  him  know  how  much 
his  contributions  and  years  of  service 
mean  to  you  and  the  company,  and  how 
much  his  continued  contributions  will 
mean.  Tell  him  that  you  feel  uncom¬ 
fortable  micromanaging  someone  of 
his  experience,  ability  and  maturity. 
Ask  him  how  the  two  of  you  can  best 
work  together  in  the  time  he  has  left. 

If  he  responds  well,  respect  his  wish¬ 
es  as  much  as  possible. 

If  he  responds  badly  —  either  bellig¬ 
erently  or  with  a  denial  of  the  problem 
—  you  have  your  answer.  You  are  un¬ 
likely  to  bring  him  around.  In  that  case, 
you  will  probably  have  to  isolate  him 
somewhat  in  order  to  limit  the  damage 
he  can  do  to  projects  or  the  morale  of 
his  peers  while  his  career  winds  down.  ► 


I 


I  appreciated  your  advice  about 
how  to  float  an  idea  upward,'  '  - 
but  what  can  you  do  when  the 
guy  at  the  top  is  too  pigheaded  to 
listen  to  reason  -  even  when  you 
have  most  of  the  executives  on 
your  side?  -  K.A. 


When  a  leader  is  beyond  reason,^'”;; 
it  becomes  very  difficult  to  con- 
vince  him  of  anything,  If  building.-^; 
a  coalition  of  peers  proves  insuf¬ 
ficient,  there  are  probably  only  a 
few  options. 

1.  Wait  it  out.  It  may  be  possible 
to  Just  wait  until  the  correctness  of 
your  position  becomes  undeniable. 

2. '  Resign.  Often,  if  you  can’t  in 
good  conscience  follow  your  man¬ 
ager,  you  may  have  to  leave  either 
your  position  or  the  organization  .  < 
as  a  whole. 

3.  Foment  a  coup,  if  vyhat  the 
manager  is  doing  is  very  damaging 
to  the  organization,  you  may  vyant  : 
to  try  to  get  the  manager  removed. 
(Note  that  this  is  a  very  high-risk 
strategy  and  should  be  approached 
extremely  carefully.) 

4.  Stop  caring  and  just  retire  on 
the  job.  Just  kidding.  This  is  bad 
for  everyone  involved.  -  P.O. 


When  reading  your  advice  for 
business  managers  to  spend  time 
within  IT,  I  was  considering  doing 
the  opposite.  Should  IT  manag-  ~ 
ers  spend  some  time  outside  of  IT 
as  they  climb  the  ladder?  I  feel 
would  greatly  benefit  from  better  ^ 
understanding  the  business  side  H 
I  did  that.  -  C.X. 


I’d  say  that  it  reatly  de'pbiids  bh  the^^ 
path  you  want  your  qareerlo  taks.^ 
In  genersi,  i  think  that  tim^^ 
business  unit  is  aluiays 
if  you  yyant- to  stay 

sa|<  it.is-.probaMy^of'y^jR^^pfjM 

lesser  v^ue  than  jf 
into  client  iiaisonf>'wep|f^ 

Regardless,  speddbi$  tiwjjna^^ 
business  unit  is  a  nreiA  id 
long  as  it  is  not 

duty  that  you  losa8l^ei^.i^aiHMSMpMm 
to  the 
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Which  best  describes  the 
current  business  climate  for 
your  industry? 

8%-,  1^  1% 


How  does  your  current  IT 
spending  compare  with  your 
spending  at  this  time  last  year? 


in 

o 


49% 


3% 


How  will  your  IT  spending  three 
business  quarters  from  now 
compare  with  your  budget? 

Stay  the  same:  | -  Decrease 

10%  1|^^2%'°' 


ncrease  r/o 


:}g5%:  "Increase 

27%  5%  or  mo 

61% 


Looking  ahead  to  the  end 
of  the  year,  how  will  your 
actual  IT  spending  compare 
with  your  budget? 


I 


2  t 
0) 

c 

3  a 


65%  31%  2%  2% 

Base:  115  CIOs  at  North  American 
companies,  polled  in  December  2006 


PAUL  M.  INGEVALDSON 


Partn 


IN  MY  NOV.  27  COLUMN,  I  described  my  experi¬ 
ence  teaching  an  MBA  class  at  a  local  university. 
The  article  portrayed  my  frustration  over  my 
inability  to  convince  the  students  of  the  value 
of  IT  and  the  need  to  understand  how  to  effec¬ 
tively  work  with  IT  to  achieve  top-quality  systems  for 
their  businesses. 

I  received  a  lot  of  e-mail  responses.  One  writer  com¬ 
mented,  “What  IT  still  doesn’t  understand  is  that  Nick 
Carr  was  right!  IT  is  an  infrastructure  service.” 


A  CIO  wrote  that  when 
he  talked  to  his  son,  a 
recent  college  graduate, 
about  an  IT  career,  his 
son  responded,  “Dad,  I 
wouldn’t  think  of  IT  as  a 
career.  Don’t  you  know 
everybody  hates  IT?” 

A  third  reader,  from  Aus¬ 
tralia,  said,  “I  wait  for  the 
day  when  IT  is  as  mature 
as  the  automotive  indus¬ 
try  and  all  a  user  needs  to 
know  is  ‘how  to  drive,’  how 
to  buy  what  they  need  and 
how  to  ring  someone  to 
service  or  fix  their  IT  stuff.” 

As  I  see  it,  these  comments  indicate 
that  there  are  people  with  a  range  of 
opinions  out  there  who  fail  to  compre¬ 
hend  the  incredible  opportunities  that 
exist  for  companies  if  they  properly 
position  and  use  IT  to  advance  their 
businesses. 

I  started  in  IT  more  than  40  years 
ago.  At  that  time,  automobile  manu¬ 
facturers  didn’t  use  robotic  systems 
to  build  cars.  Paint  manufacturers 
didn’t  use  process  control  systems  to 
ensure  a  high-quality  product.  Retail¬ 
ers  didn’t  have  point-of-sale  computer 
systems  tied  into  back-end  inventory 
management  systems.  Retailers  and 
manufacturers  didn’t  use  sophisticated 
inventory  replenishment  systems  to 
minimize  inventory  requirements.  The 
PC  hadn’t  been  invented,  and  online 


systems  were  just  begin¬ 
ning  to  be  developed. 

This  list  could  go  on  and 
on.  The  IT  departments 
within  companies  over  the 
past  40  years  have  literally 
revolutionized  how  busi¬ 
ness  is  conducted  around 
the  world.  Just  look  around. 
Almost  all  knowledge 
workers  spend  their  days 
in  front  of  terminals  doing 
their  jobs.  And  this  doesn’t 
even  begin  to  discuss  how 
the  Internet  is  changing 
the  way  companies  go  to 
market. 

Yet  my  respondents,  like  the  college 
graduate,  say  everyone  hates  IT.  I  find 
it  very  ironic  that  we  agents  of  change 
are  held  in  such  low  regard  across  the 
business  spectrum.  I  know  this  isn’t 
a  universal  feeling  in  all  companies, 
but  I  have  a  sense  that  it  is  more  com¬ 
mon  than  we  in  IT  would  like  to  admit. 
Suffice  it  to  say  one  would  expect  that 
a  profession  that  brought  so  much 
change  would  be  held  in  much  higher 
regard  rather  than  experience  the  love- 
hate  relationship  it  often  does.  Perhaps 
this  very  mission  to  bring  change  to 
internal  operations  is  the  cause  of  the 
bad  feelings.  People  don’t  like  change, 
and  that’s  what  we  bring. 

This  is  why  I  think  we  have  a 
problem.  Instead  of  honoring  IT  for 
improving  the  operations  and  competi- 
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tive  advantage  of  our  companies,  ex¬ 
ecutive  management  often  tries  to  cut 
our  budgets,  reduce  our  staffs  and  out¬ 
source  our  activities.  Then  it’s  quick 
to  hire  consultants  who  always  have 
a  “better”  solution  than  what  the  inter¬ 
nal  staff  is  offering.  Often,  instead  of 
retaining  a  highly  motivated  staff  that 
has  the  potential  for  great  innovations, 
we  are  left  with  a  demoralized  main¬ 
tenance  staff  that  is  pushed  around 
by  consultants.  This  is  certainly  not  a 
recipe  for  success. 

IT  management  must  rise  to  this 
challenge  and  quit  giving  in  whenever 
the  budget-cutters  target  IT  as  the  so¬ 
lution  to  annual  budget  shortfalls.  We 
must  win  the  argument  that  our  costs 
ultimately  improve  the  expense  ratios 
within  the  user  departments.  We  must 
win  the  argument  that  a  talented,  moti¬ 
vated  and  skilled  IT  workforce  is  need¬ 
ed  if  we  are  to  bring  innovation  to  our 
company’s  offerings.  We  must  force 
our  senior  executives  to  better  under¬ 
stand  the  unique  role  of  IT  in  bringing 
competitive  advantage  to  our  business¬ 
es.  And  we  must  convince  all  our  users 
that  by  working  together  with  us  in 
systems  development,  we  will  develop 
better,  more  aligned  systems. 

It’s  a  tough  job  and  probably  the 
most  important  one  for  the  CIO  and 
the  CIO’s  senior  staff.  They  must  con¬ 
tinually  show  that  they  understand  the 
business  and  must  also  document  the 
contributions  made  by  the  IT  depart¬ 
ment.  IT  must  position  itself  to  be  the 
technology  innovators  of  the  future.  By 
doing  this,  IT  will  ensure  itself  a  place 
at  the  table  and  will  continue  to  chal¬ 
lenge  the  company  to  move  forward 
in  an  aggressive  manner.  If  we  fail  to 
do  this,  we  run  the  risk  of  becoming 
the  irrelevant  utility  envisioned  by 
my  reader  from  down  under,  and  our 
companies  will  pay  the  price  in  the 
long  term. » 

WANT  OUR  OPINION? 
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Turn  back  network  time. 


Stop  missing  critical  events. 

For  a  trusted  approach  to  problem  resolution  rely  on  the  Network  Instruments®  GigaStor™  appliance. 
Everything  is  recorded — every  packet,  every  protocol,  every  transaction  for  hours,  days,  even  weeks. 
The  unique  GigaStor  interface  provides  an  effective  way  to  go  back  in  time  to  determine  not  only 
when  the  application  went  down  but  why. 

Resolve  intermittent  network  problems,  track  compliance  efforts,  isolate  VoIP  call  quality  issues, 
and  more  on  the  most  complex  WAN,  Gigabit,  and  10  GbE  networks.  Find  out  how  you  can  turn 
back  the  clock  with  the  GigaStor.  After  all,  your  network  history  shouldn't  be  a  thing  of  the  past. 
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I  GigaStor:  Get  proof.  Take  action.  Move  forward. 
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Learn  more  about  GigaStor.  800-566-091 9 

www.Networklnstruments.com/Tlme 
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IT  Opportunities 

Due  to  our  rapid  growth,  we  have  the  following  positions  available: 

Programmer  Analyst:  Analyze,  design,  develop,  code,  test  and  maintain 
database  management  systems.  Must  have  at  least  a  Bachelor's  degree  and 
+3  years  experience  and  the  ability  to  use  Mainframe,  DBA,  AS400  and 
Client-Server  Tools. 

Project  Managers/Leaders:  Lead  a  team  of  programmer  analysts  &  data 
base  administrators  on  development  and  maintenance  of  hardware  and  software 
applications  as  well  as  be  responsible  for  project  planning  and  quality  assurance. 
Must  have  a  Bachelor's  degree  and  +5  years  experience  and  the  ability  to  use 
Mainframe,  DBA,  AS400  and  Client-Server  Tools. 

Business  Development  Managers/Directors:  Manage  sales  activities 
and  achieve  sales  quota  for  assigned  territory.  Help  Syntel's  sales  leadership  in 
planning  and  rolling  out  an  inside  sales  strategy.  Must  have  a  Bachelor's  degree 
and  +3  years  experience. 

All  positions  are  located  throughout  the  U.S.  and  travel  is  usually  required. 

Above  positions  commonly  require  any  of  the  following  skill  sets: 

Mainframe:  IMS  DM/DC  OR  DB2,  MVS/ESA,  COBOL,  CICS,  Focus,  IDMS  or 
SAS. 

DBA:  ORACLE  OR  SYBASE  DB2,  UDB 

Client-Server/WEB:  Ab-initio  •  Oracle  Applications  &  Tools  •  Websphere 

•  Lotus  Notes  Developer  •  VB,  Com/Dcom  ,  Active  X,  •  Web  Architects  •  UNIX, 
C,  C++,  Visual  C++,  C#.NET,  ASP.NET  ,VB.NET  •  SAP/R3,  ABAP/4  or  FICO  or 
MM  &  SD  •  lEF  •  Datawarehousing  and  ETL  tools  •  WiNT  •  Oracle  Developer 
or  Designer  2000  •  JAVA,  HTML,  J2EE,  EJB  •  RDBMS  •  PeopleSoft 

•  PowerBuilder  •  Web  Commerce 


AS400:  RPG,  ILE,  Coolplex 


Please  forward  your  cover  letter  and  resume 
to:  Syntel,  Attn:  Recruitment  Manager 
525  E.  Big  Beaver,  Ste.  300 
Troy,  Ml  48083 

E-mail:  synteLusads@syntelinc.com  EOE 
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IS  Specialist;  Perform  require¬ 
ment  gathering,  technical 
specification  design,  documen¬ 
tation,  unit  testing  &  program¬ 
ming  using  SAP  ABAP 
Workbench  tools.  Specialized 
in  Technical  SAP  HR. 
Bachelor’s  degree  or  equiva¬ 
lent  In  Computer  Science  or 
Engineering  and  5  years  of 
experience  in  an  IT  related 
position.  Please  forward 
resume  to  Phyllis  Williams 
(AB),  Valero  Energy  Corp., 
One  Valero  Way,  San  Antonio, 
TX  78249. 


Project  Manager 
needed  to  direct,  plan 
&  coordinate  the 
delivery  of  product- 
based  applications. 
Mail  resume  to: 
LogiSolve,  Attn: 
BCarpenter,  12866 
Hwy  55,  Minneapolis, 
MN  55441.  EOE 


Web  Security  Designer 
needed  w/exp  to  direct, 
plan,  coord  &  impi 
security  related  projects 
for  Inter,  intra  &  extranet 
using  Comp.  Assoc. 
SiteMinder,  IdentityMinder, 
MS  Active  Directory  & 
Open  S/ware  Foundation 
DCE.  Must  be  CISSP. 
Send  resume  to: 
LogiSolve,  Attn:  B.J.C., 
12866  Hwy  55,  Plymouth, 
MN  55441. 
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Sr.  Software  Developer 
sought  by  Webroot  Software, 
Inc.  in  Mountain  View,  CA  to 
dsgn,  dvip  &  test  anti-spyware 
s/ware  &  internet  security 
technologies  for  consumers  & 
enterprises.  Reqs  MS  in 
Comp.  Sci.,  Engg.,  or  related 
field:  or  BS  +  5  yrs  exp.  Must 
also  have  working  knowl 
of  impimtg  window  n/work 
layer  device  drivers.  Win  Low- 
level  Systm  Prgmg.  C++, 
COM/COM+,  &  multi-thread 
prgmg.  Submit  resumes  to 
Lisa  Mouscher,  2560  55th  St, 
Boulder,  CO  80301. 


Programmer  Analyst  w/Bach  in 
Comp  Scie  or  Engr  or  CIS  or 
Math  &  2  yrs  exp  to  dev.  front  end 
applic.  &  create  back  end  data 
design  by  using  C++,  Java, 
ASP.Net,  PL/SQL.  XML  &  PHP. 
Implement  Oracle  distribution  / 
production  &  mfg  modules. 
Gather  requiremnt,  design,  build, 
test  &  deploy  applic.  using 
Workflow  Builder,  Discoverer  & 
Data  Loader.  Exp  prior  to  comple¬ 
tion  of  Bachelors  acceptable. Mail 
res  to;  Optima  Technology 
Partners,  Inc. 9  Mount  Pleasant 
Tpke,  Ste  103,  Denville,  NJ 
07834  Job  loc;  Denville.  NJ  or  in 
any  unanticipated  loc  in  the 
U.S.A. 


Sr.  Software  Engineer.  Handle 
Techno  Functional/Development 
work  in  Oracle  Collaboration 
suite,  Oracle  Ebusiness  suite  111 
&  web  applications  using  aJava, 
J2EE,  JSP,  Servlets  XML  for 
Oracle  database  and  SQL,  Unix 
and  Linux  platforms/  Operating 
systems.  Will  supervise  juniors. 
Must  Bachelors  of  Engineering, 
any  discipline,  foreign  equiv 
acceptable.  6  yrs  of  exp.  as  an 
information  technology  profes¬ 
sional.  3  yrs  of  exp.  in  all  above 
skills  and  tools.  Location  NJ,  trav¬ 
el  required.  Send  resume  to  IB 
Infologic,  Suite  B4,614  RTE  130 
East  Windsor  NJ  08520  or 
hr@ibinfologic.com 


Business  Process  Analyst, 
Auburn  Hills,  Mi.  Analyze,  design, 
dvIp  &  support  computer-based 
business  processes  to  support 
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Bl  Value 


manage  its  supply  chain  and 
monitor  corporate  perfor¬ 
mance.  Yet  Stone  said  he  is 
still  asked  by  top  executives 
for  a  specific  return  on  his  BI 
investment. 

At  the  same  time,  BI  has  be¬ 
come  so  critical  to  Lowe’s  that 
the  home  improvement  retailer 
is  building  a  new  data  center 
in  San  Antonio,  in  large  part  to 
back  up  its  Teradata  data  ware¬ 
house  and  BI  applications  from 
McLean,  Va.-based  MicroStrat- 
egy  Inc.,  he  said. 

“In  the  end,  you’re  likely  to 
be  faced  with  some  form  of 
‘proof  question,”  Stone  said 
during  a  keynote  presentation 
at  the  MicroStrategy  World 
2007  user  conference  held 
here  last  week.  And,  he  noted, 
“definitive  proof  is  hard  to 
come  by.” 

For  example,  several  years 
ago,  Lowe’s  used  its  data 
warehouse  and  BI  tools  to 
help  solve  a  problem  with 
collecting  fees  for  delivering 
products  to  customers.  Pay¬ 
ments  for  deliveries  increased 
by  $30  million  in  the  year  after 
the  company  first  started  us¬ 
ing  the  tools  to  find  out  which 
stores  weren’t  collecting  the 
fees,  Stone  said.  “This  is  an  ex¬ 
ample  of  what  BI  is  adding  to 
the  bottom  line,”  he  said. 

Still,  the  CEO  at  the  time 
asked  Stone  whether  he  could 
definitively  link  the  bump  in 
collections  to  the  use  of  BL 
“There  is  no  silver  bullet,  [but] 
if  you  continue  to  deliver  val¬ 
ue,  the  funding  always  seems 
to  inch  its  way  back  to  your 
budget,”  Stone  said. 

Lowe’s  has  several  new  BI 
projects  under  way,  including 
one  to  identify  fraudulently 
returned  products.  Stone  said 
these  initiatives  all  demon¬ 
strate  the  value  that  BI  brings 
to  the  company. 

Lowe’s  has  also  started  us¬ 
ing  BI  technology  to  track 
50  million  items  in  its  1,400 
retail  stores  against  billions  of 


transactional  records  to  plan 
inventory  levels  and  analyze 
the  effectiveness  of  the  4,000 
to  6,000  quantity-discount 
programs  Lowe’s  has  in  place 
at  any  one  time,  Stone  said. 

Overall,  the  company  uses 
the  BI  tools  to  create  170,000  re¬ 
ports  per  week  for  internal  us¬ 
ers  and  for  personnel  at  almost 
1,000  of  its  suppliers,  he  said. 


Paul  Wolters,  technology 
manager  of  BI  at  Kansas  City, 
Mo.-based  Hallmark  Cards 
Inc.,  said  the  company  uses 
MicroStrategy  analytic  tools 
for  several  critical  applica¬ 
tions,  including  one  that  pro¬ 
vides  data  for  automatically 
replenishing  stock  in  its  460 
stores. 

Still,  Wolters  and  his  team 


must  continue  “prospecting” 
to  highlight  the  value  of  BI  to 
corporate  managers,  he  said. 
Prospecting,  Wolters  said, 
means  dispatching  internal 
BI  specialists  to  all  areas  of 
the  business  to  proactively 
identify  pain  points  in  em¬ 
ployee  processes  and  come  up 
with  BTbased  solutions  to  the 
problems. 

“If  I  can  come  up  with  a  solu¬ 
tion  that  helps  [an  employee] 
understand  where  his  pain  is 
and  what  he  can  do  about  it, 
that  is  powerful,”  he  said.  “We 
try  to  use  that  as  a  marketing 
tool  internally.” 

Even  with  those  efforts, 
Wolters  said  he  still  has  to 
prove  the  benefits  of  BI  to  his 
CIO  and  even  to  other  IT  em¬ 
ployees.  “We  have  spent  a  lot 
of  time  evangelizing  BI  to  the 
IT  folks,”  he  said.  “They  still 
are  in  the  mind-set  that  BI  is 
just  reporting.” 

Ted  Bross,  associate  director 
of  administrative  information 
services  at  Princeton  Univer¬ 
sity,  said  that  though  he  knows 
that  the  university’s  Cognos  BI 
tools  have  made  life  easier  and 
better  for  users,  he  can’t  easily 
quantify  those  benefits  for  uni¬ 
versity  officials. 

“We  would  like  to  think  that 


in  time,  we  will  be  able  to 
demonstrate  the  value  of  BI  to 
our  university  executives,  but 
we’re  not  there  yet,”  Bross  said. 
“Positive  feedback  from  faculty 
and  staff  make  us  feel  like  we 
are  on  the  right  track.” 

Proving  BI’s  tangible  value 
has  not  been  a  problem  for  all 
companies,  however. 

For  example,  after  Corpo¬ 
rate  Express  Inc.  started  using 
MicroStrategy’s  BI  tools,  it  was 
able  to  cut  costs  by  eliminating 
31  jobs  that  were  dedicated  to 
running  Microsoft  Access  BI 
reports,  said  Matt  Schwartz, 
director  of  business  analysis 
at  the  Broomfield,  Colo.-based 
office  supply  company. 

Corporate  Express  also  uses 
MicroStrategy  data  mining 
tools  to  predict  potential  cus¬ 
tomer  turnover,  and  this  year 
it  will  start  using  BI  to  provide 
customers  with  online  access 
to  reports  detailing  how  much 
they  spend  with  the  company. 

Schwartz  noted  that  the 
lack  of  that  capability  in  the 
past  prompted  one  client,  fi¬ 
nancial  services  firm  BB&T 
Corp.,  to  jump  ship  to  a  Cor¬ 
porate  Express  competitor. 
Therefore,  he  said,  adding  the 
capability  “was  a  very  easy 
sell  to  our  CEO.”  * 


Lowe’s,  Nordstrom  Expand 
Infrastructures  to  Support  Bl 


LAS  VEGAS 

THE  GROWING  USE  of  business  in-  * 
telligence  technology  is  beginning  to 
strain  some  corporate  IT  infrastruc¬ 
tures,  according  to  some  users.  I 

For  example,  Lowe's  this  month 
completed  an  installation  of  3,000  * 
AlX-based  IBM  servers  to  better  • 

handle  spikes  in  user  demand  for  ] 

access  to  the  MicroStrategy  Bl  tools  . 
it  uses.  ; 

The  MicroStrategy  tools  previ-  • 

ously  ran  on  Windows-based  | 

systems,  CIO  Steve  Stone  said  in  an  : 
interview  at  the  MicroStrategy  user  : 
conference  here  last  week.  • 

In  addition,  Lowe’s  is  building  a 
second  data  center  in  San  Antonio  . 


that  will,  among  other  things,  be 
used  to  back  up  the  retailer’s 
Teradata  data  warehouse  and 
MicroStrategy  Bl  applications, 
Stone  said. 

The  new  data  center  is  slated  to 

M  We  are 
having  good 
response  times.  We 
are  ready  to  take  on 
new  projects  now. 

JAMES  TAYLOR,  PROGRAM 
MANAGER  FOR  DATA  WARE¬ 
HOUSING  AND  Bl,  NORDSTROM 


be  completed  by  year’s  end,  he  said. 

The  home  improvement  company 
plans  to  use  the  Dual  Active  System 
Solution  from  Dayton,  Ohio-based 
Teradata  in  the  new  data  center  and 
in  its  existing  one  in  Winston-Salem, 
N.C.,  so  that  the  data  warehouse 
and  Bl  tools  can  be  run  in  both 
locations. 

“Once  you  start  making  opera¬ 
tional  decisions  that  impact  the  life¬ 
blood  of  your  company,  you  have  to 
make  [Bl]  a  Tier  1  application  in  your 
company,”  Stone  said. 

Nordstrom  Inc.  now  has  5,000 
MicroStrategy  users  running  10,000 
reports  per  day,  but  it  projects  that 
its  user  base  will  grow  to  20,000 
running  35,000  reports  per  day  by 
next  year,  said  James  Taylor,  pro¬ 
gram  manager  for  data  warehousing 
and  Bl  at  the  Seattle-based  retailer. 


To  absorb  this  growth  without 
suffering  performance  hits,  the 
company  last  month  moved  its  Bl 
operations  from  a  32-bit  Windows 
environment  to  64-bit  machines  mn- 
ning  Sun  Microsystems  Inc.’s  Solaris 
10  operating  system. 

So  far,  the  company  has  seen  a 
9%  decrease  in  report  response 
times  and  an  overall  30%  improve¬ 
ment  in  performance,  Taylor  said. 

“We  are  having  good  response 
times,"  he  added.  “We  are  ready  to 
take  on  new  projects  now.” 

Vaidyanathan  Seshan,  IT  proj¬ 
ect  manager  at  Nordstrom,  said 
that  once  the  new  systems  were 
installed,  “users  did  not  see  any 
change  in  look  and  feel  [of  the  Bl 
application].  For  them,  it  was  a 
nonevent.” 

-  HEATHER HAVENSTEIN 
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Vista  Rush 


MURCHNICK  looked  across  at  the  Old  Man  in  disbelief. 

“We’re  not  gonna  upgrade  to  Vista  until  when?” 

“Maybe  next  year,”  the  Old  Man  said.  Uh-oh,  he 
thought  —  here  comes  trouble.  “What’s  wrong, 
Murch?  I  thought  everything  was  running  fine  for 
your  sales  guys.  You  don’t  need  Vista.  And  you  know  it’s  going  to  take 
time  to  figure  out  how  much  hardware  Vista  will  require  for  us,  and 
make  sure  none  of  our  applications  will  break.  What’s  the  rush?” 

“Well . . .”  Murchnick  hesitated.  “I  have  to  use  it  at  home.” 


The  Old  Man’s  eyebrows  went  up.  “Have  to?  As 
in,  have  to  because  you’re  getting  a  new  PC  and 
that’s  what  will  come  on  it?” 

Murchnick  nodded.  “And  your  help  desk  guys 
say  they  won’t  give  me  the  VPN  software  for  it,” 
he  said.  “Without  that,  I  can’t  get  on  the  network.” 

“We  just  started  testing  the  VPN  client  on 
Vista,”  said  the  Old  Man.  “And  before  you  ask,  no, 
you’re  not  a  good  candidate  to  be  a  test  user.” 

“Why  not?”  demanded  Murchnick.  “I  test 
things  all  the  time.” 

“Yes,  you  do,”  the  Old  Man  said.  “You’ve  tested 
almost  everything  you  could  buy  at  a  computer 
store.  Some  of  it  even  worked.  But  you  know 
we’ve  had  to  reimage  your  hard  drive  a  lot.” 

“That’s  not  my  fault,”  Murchnick  said.  “Most  of 
those  things  don’t  work  very  well.” 

“No,  they  don’t.  You  like  technology,  and  that’s 
good,  Murch,  but  you’re  not  really  a  power  user,” 
said  the  Old  Man,  thinking.  If  there’s  a  dead 
end  or  a  bug,  you’ll  trip  over  it.  “That  means  we 
spend  more  time  supporting  you  than  we  can  af¬ 
ford  already.” 

Murchnick  shrugged.  “OK,  I  get  it.  I  don’t  get 
to  work  from  home  on  my  new  PC.  I’ll  just  start 
taking  my  laptop  home.”  He  got  up  to  go. 

“Wait  now,  Murch,”  said  the  Old  Man.  Murch¬ 
nick  worked  from  home  on  his  own 
PC  because  when  he  had  taken  lap¬ 
tops  with  him  in  the  past,  the  results 
hadn’t  been  pretty.  “Let’s  rethink 
this.  If  we  set  you  up  to  use  your  new 
PC  on  the  VPN,  what  else  would  it 
be  used  for?  Would  your  wife  and 
kids  be  using  it  too?” 

“Well,  sure,”  said  Murchnick. 

“For  games  and  MySpace  and  MP3s 
and  Web  surfing?” 

“Yeah,  yeah,  all  that  stuff.” 

“And  e-mail  attachments  and  what¬ 
ever  programs  look  interesting?” 

Murchnick  frowned.  “What’s  your 
point?”  he  asked. 


You’re  my  security  team’s  idea  of  a  worst-case 
scenario,  thought  the  Old  Man.  But  instead  he 
said,  “I  think  we  might  learn  a  lot  from  secur¬ 
ing  this  new  PC  of  yours.  I  wouldn’t  want  them 
trying  to  juggle  hundreds  of  users  like  you  all  at 
once,  so  starting  with  just  you  should  be  a  good 
experience.” 

“Thanks  —  I  think,”  Murchnick  said. 

The  Old  Man  tapped  at  his  keyboard.  “We’ll 
want  to  firewall  and  antivirus  you  to  the  teeth,” 
he  said.  “Then  we’ll  need  to  install  remote- 
control  software,  so  we  can  make  configuration 
changes  and  check  settings.” 

“Wait,”  said  Murchnick,  “you  want  to  be  able  to 
take  over  my  PC  at  home?” 

“We  just  want  to  be  ready  in  case  anything 
goes  wrong,”  said  the  Old  Man.  Which,  with  you, 
it  always  does,  he  thought.  “Once  we  have  all 
that  in  place,  we  can  set  up  your  VPN  connection 
and  start  looking  for  any  problems.  I’ll  put  Brad 
to  work  on  it.  I  think  we  want  to  have  just  one 
person  supporting  you,  so  no  issues  fall  between 
the  cracks.” 

“Brad?”  Murchnick  scowled.  “That  guy  never 
stops  with  the  questions.  He  wants  to  know  ev¬ 
erything  I  did,  and  in  what  order,  and  when _ ” 

“Ah,  you’ve  worked  with  him  before.  Good,” 

said  the  Old  Man  as  he  came  around 
his  desk.  “Look,  Murch,  I  really  ap¬ 
preciate  your  doing  this.  I  thought 
we  were  going  to  have  two  prob¬ 
lems:  dealing  with  you  and  finding 
out  what  issues  our  non-power-users 
were  going  to  encounter  with  Vista.” 

He  guided  Murchnick  toward  the 
door  by  his  elbow.  “Instead,  you’ll 
get  to  use  Vista  before  anyone  else 
in  your  department,  and  we’ll  get  a 
good  test.  I  wish  I  had  a  dozen  users 
like  you,  Murch.” 

“Well,  sure,”  said  Murch. 

Yes,  a  dozen,  thought  the  Old  Man. 
Instead  of  hundreds. » 


FRANK  HAYES,  Compufer- 
world's  senior  news  columnist, 
has  covered  IT  for  more  than 
20  years.  Contact  him  at  frank. 
hayes@compirterworl(i.coni. 


Whafsthe  Big  Hurry? 

User  walks  into  the  office  of  this  sysadmin  pilot  fish 
and  says  he’s  just  received  an  e-mail  telling  him  to 
see  fish.  I  haven’t  sent  you  any  messages,  fish  tells 
him.  “So  we  walked  over  to  his  office  to  see  this  mes¬ 
sage,"  says  fish.  “Sure  enough,  there  was  a  message, 
just  as  he  said.  Date  the  message  was  sent:  June 
4, 2003.  We  had  been  testing  a  new  e-mail  system 
then,  and  we  sent  test  messages  to  all  the  users. 

Over  three  years  later,  the  user  finally  responded.” 


Clean  Room 

Pilot  fish  is 
visiting  a 
customer’s 
computer  room 
and  asks  for  a  floor-tile 
puller  to  get  at  cables 
under  the  raised  floor. 
But  he  can’t  get  the  first 
tile  he  tries  to  move.  Or 
the  second  or  third.  “I 
finally  succeeded  at  re¬ 
moving  one,”  says  fish. 
“It  was  then  I  found  the 
problem:  All  the  tiles 
were  severely  corroded, 
and  the  tiles  and  grid 
were  literally  rusted  to¬ 
gether.  I  asked  the  cus¬ 
tomer  about  this.  With 
a  shrug  he  replied,  ‘Oh 
yeah,  that’s  because  the 
janitor  comes  in  here 
every  night  and  damp- 
mops  the  floor.  Some 
of  the  water  runs  down 
between  the  tiles.’  ” 

What  If 

It’s  a  few  years  ago,  and 
this  pilot  flsh  at  a  major 
airline  is  managing  a 
project  to  pick  a  new 
data-hosting  vendor. 
“While  performing  a  risk 
analysis  exercise,  one 
of  our  eagle-eyed  team 
members  pointed  out 
that  the  vendor's  data 
center  was  located  very 
near  a  missile  base,” 
fish  says.  “His  concern: 
In  the  event  of  nuclear 


war,  the  data 
center  could  be 
destroyed  and 
we  could  lose 
ail  our  data.  We 
sat  staring  at  him  until 
one  team  member  broke 
the  awkward  silence 
^  by  pointing  out  that  the 
impact  to  our  operations 
would  be  negligible, 
since  we  would  prob¬ 
ably  be  grounding  our 
fleet  in  that  situation 
anyway.” 

Great  Idea 

n  Deadline  for  installing 
a  firewall  at  a  customer 
site  is  fast  approach- 
B  ing,  and  this  pilot  fish 
knows  the  hardware 
won’t  arrive  in  time.  His 
suggestion:  Use  a  test 
firewall  from  the  lab 
until  the  new  one  comes 
in.  “Can’t  do  that,”  boss 
says.  “It’s  a  used  ma¬ 
chine  and  the  customer 
only  wants  new  ones.” 
OK,  says  fish,  but  the 
new  hardware  won’t 
arrive  for  two  weeks 
and  won’t  be  ready  until 
D  a  week  after  that.  Fast- 
forward  a  week,  and  the 
customer  isn’t  happy 
about  having  no  firewall. 
^  Boss  to  fish:  “Why  don't 
we  just  use  one  from 
the  lab  temporarily?  We 
could  swap  It  out  when 
the  new  one  arrives.” 


OD0N7  DELAY  -  send  me  your  true  tale  of  IT  life  at 
sharky@computerworld.com  today.  You’ll  score  a 
sharp  Shark  shirt  If  I  use  it.  You  can  also  check  out  Sharky’s 
blog,  browse  the  Sharkives  and  sign  up  for  Shark  Tank 
home  delivery  at  computerworld.com/shai1^. 
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,.^^_^^^Join  the  feeding  frenzy  at  Shark  Bait  - 

the  place  to  sound  off  about  all  things  IT: 

sharkbait.cofnputerworld.com. 
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dedicated  account  managers  and  teams  of  technology  specialists  in  several  key  IT  categories.  And  because  we  can  reliably  custom  configure 
up  to  2,100  systems  in  our  state-of-the-art  configuration  center.  So,  it  stands  to  reason  that  CDW  was  also  ranked  #1  in'custonher  loyalty,' 
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We've  always  put  our  customers  first. 
Now,  they've  returned  the  favor. 
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CDW  was  recently  ranked  #1  overall  in  the  2006  CIO  Insight  magazine  survey  of  leading  technology  vendors. The  826  top  IT  executives  f 

.  .  .  . . .  r  .....  .  .  ......  . .  . .  .  ■' 


Call  us  today  and  find  out  what  it's  like  to  work  with  the  #1  technology  provider. 
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For  DHL 


the  power^^Bi 
of  IT  delivers 
over  four  million 
promises  a  day. 


Unified  and  simplified  package  tracking:  a  logistical  dream. 

The  best  way  for  DHL,  the  world  leader  of  delivery  services,  to  move  more  packages  is  to 
move  more  information.  CA  software  solutions  helped  DHL  to  unify  and  simplify  its  global 
package  tracking  systems.  This  increased  efficiency  gave  DHL  the  ability  to  deliver  over 
one  billion  promises  more  accurately  each  year.  It's  more  proof  that  customer  service  is 
back  in  shipping.  Learn  how  CA  software  solutions  enable  enterprises  like  DHL  to  realize 
the  full  power  of  IT  at  ca.com/customers 
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